Search criteria
47 vulnerabilities found for Unified Communications Manager Session Management Edition by Cisco
CERTFR-2025-AVI-0553
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les produits Cisco. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
L'éditeur précise que les produits affectés sont des versions limitées, nommées Engineering Special (ES), qui ont été distribuées uniquement par le centre d'assistance technique de Cisco.
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | Unified Communications Manager Session Management Edition | Unified Communications Manager Session Management Edition versions 15.0.1.x antérieures à 15SU3 ou sans le correctif de sécurité ciscocm.CSCwp27755_D0247-1.cop.sha512 | ||
| Cisco | Unified Communications Manager | Unified Communications Manager versions 15.0.1.x antérieures à 15SU3 ou sans le correctif de sécurité ciscocm.CSCwp27755_D0247-1.cop.sha512 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Unified Communications Manager Session Management Edition versions 15.0.1.x ant\u00e9rieures \u00e0 15SU3 ou sans le correctif de s\u00e9curit\u00e9 ciscocm.CSCwp27755_D0247-1.cop.sha512",
"product": {
"name": "Unified Communications Manager Session Management Edition",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Unified Communications Manager versions 15.0.1.x ant\u00e9rieures \u00e0 15SU3 ou sans le correctif de s\u00e9curit\u00e9 ciscocm.CSCwp27755_D0247-1.cop.sha512",
"product": {
"name": "Unified Communications Manager",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": "L\u0027\u00e9diteur pr\u00e9cise que les produits affect\u00e9s sont des versions limit\u00e9es, nomm\u00e9es Engineering Special (ES), qui ont \u00e9t\u00e9 distribu\u00e9es uniquement par le centre d\u0027assistance technique de Cisco.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20309"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0553",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Cisco. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Cisco",
"vendor_advisories": [
{
"published_at": "2025-07-02",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-cucm-ssh-m4UBdpE7",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7"
}
]
}
VAR-201405-0244
Vulnerability from variot - Updated: 2024-07-23 22:12The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions.
The oldstable distribution (squeeze) is not affected.
For the stable distribution (wheezy), this problem has been fixed in version 1.0.1e-2+deb7u9.
For the testing distribution (jessie), this problem has been fixed in version 1.0.1g-4.
For the unstable distribution (sid), this problem has been fixed in version 1.0.1g-4.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://advisories.mageia.org/MGASA-2014-0204.html
Updated Packages:
Mandriva Business Server 1/X86_64: 0960978623ce1a63b660860f11a273cd mbs1/x86_64/lib64openssl1.0.0-1.0.0k-1.3.mbs1.x86_64.rpm a1f2e8359b1823df2bbf4cef25ed0fa5 mbs1/x86_64/lib64openssl-devel-1.0.0k-1.3.mbs1.x86_64.rpm 9caf8ee1e9151cd22cc8bbbcec6ddc64 mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0k-1.3.mbs1.x86_64.rpm e7e8655dcdfcf3499b5d3280a7023beb mbs1/x86_64/lib64openssl-static-devel-1.0.0k-1.3.mbs1.x86_64.rpm 34ef39c4e07e20ed081ff466b744e6b1 mbs1/x86_64/openssl-1.0.0k-1.3.mbs1.x86_64.rpm 4c4315e35972686c692a095851d42cd4 mbs1/SRPMS/openssl-1.0.0k-1.3.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security.
HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. This bulletin provides the information needed to update the HP Insight Control server deployment solution. HP has provided manual update steps if a version upgrade is not possible; if users wish to remain at v7.1.2, v7.2.0, or v7.2.1.
Note: It is important to check your current running version of HP Insight Control server deployment and to follow the correct steps listed below. For HP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and follow the steps below to remove the vulnerability. That Security Bulletin with instructions on how to upgrade to v7.3.1 can be found here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n a-c04267749
HP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should take the following steps to remove this vulnerability.
Delete the files smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, rows 1 and 2. Delete the files "vcax86-.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba smhamd64-ccp023716.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 smhx86-cp023715.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13 vcax86-cp023742.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2 vcaamd64-cp023743.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Download and extract the HPSUM 5.3.6 component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793
Copy all content from extracted ZIP folder and paste into \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 on targets running Windows.
HP Insight Control server deployment users with v7.2.2:
Please upgrade to Insight Control server deployment v7.3.1 and follow the steps below for v7.3.1.
HP Insight Control server deployment users with v7.3.1:
Perform steps 1 - 4 as outlined above for users with HP Insight Control server deployment v7.1.2, v7.2.0, and v7.2.1. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201407-05
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: July 27, 2014 Bugs: #512506 ID: 201407-05
Synopsis
Multiple vulnerabilities have been found in OpenSSL, possibly allowing remote attackers to execute arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1h-r1"
References
[ 1 ] CVE-2010-5298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298 [ 2 ] CVE-2014-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195 [ 3 ] CVE-2014-0198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198 [ 4 ] CVE-2014-0221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221 [ 5 ] CVE-2014-0224 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224 [ 6 ] CVE-2014-3470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470 [ 7 ] OpenSSL Security Advisory [05 Jun 2014] http://www.openssl.org/news/secadv_20140605.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201407-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . These vulnerabilities include:
-
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.
-
HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2010-5298
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
CVE-2014-0076
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2014-0195
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0198
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0221
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0224
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-3470
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-3566
3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends applying the following software updates to resolve the vulnerabilities in the impacted versions of HPE StoreVirtual products running HPE LeftHand OS.
LeftHand OS v11.5 - Patches 45019-00 and 45020 LeftHand OS v12.0 - Patches 50016-00 and 50017-00 LeftHand OS v12.5 - Patch 55016-00 LeftHand OS v12.6 - Patch 56002-00
Notes:
These patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision to OpenSSL v1.0.1e 48. These patches migrate Certificate Authority Hashing Algorithm from a weak hashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary
VMware product updates address OpenSSL security vulnerabilities.
- Relevant Releases
ESXi 5.5 prior to ESXi550-201406401-SG
-
OpenSSL libraries have been updated in multiple products to versions 0.9.8za and 1.0.1h in order to resolve multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0224, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to these issues. The most important of these issues is CVE-2014-0224.
CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to be of moderate severity. Exploitation is highly unlikely or is mitigated due to the application configuration.
CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL Security Advisory (see Reference section below), do not affect any VMware products. For readability the affected products have been split into 3 tables below, based on the different client-server configurations and deployment scenarios. Applying these patches to affected servers will mitigate the affected clients (See Table 1 below). can be mitigated by using a secure network such as VPN (see Table 2 below).
Clients and servers that are deployed on an isolated network are less exposed to CVE-2014-0224 (see Table 3 below). The affected products are typically deployed to communicate over the management network.
RECOMMENDATIONS
VMware recommends customers evaluate and deploy patches for affected Servers in Table 1 below as these patches become available. Patching these servers will remove the ability to exploit the vulnerability described in CVE-2014-0224 on both clients and servers. VMware recommends customers consider applying patches to products listed in Table 2 & 3 as required.
Column 4 of the following tables lists the action required to remediate the vulnerability in each release, if a solution is available.
VMware Product Running Replace with/ Product Version on Apply Patch ============== ======= ======= ============= ESXi 5.5 ESXi ESXi550- 201406401-SG
Big Data Extensions 1.1 patch pending Charge Back Manager 2.6 patch pending
Horizon Workspace Server GATEWAY 1.8.1 patch pending Horizon Workspace Server GATEWAY 1.5 patch pending
Horizon Workspace Server DATA 1.8.1 patch pending
Horizon Mirage Edge Gateway 4.4.2 patch pending Horizon View 5.3.1 patch pending
Horizon View Feature Pack 5.3 SP2 patch pending
NSX for Multi-Hypervisor 4.1.2 patch pending NSX for Multi-Hypervisor 4.0.3 patch pending NSX for vSphere 6.0.4 patch pending NVP 3.2.2 patch pending vCAC 6.0.1 patch pending
vCloud Networking and Security 5.5.2 patch pending vCloud Networking and Security 5.1.2 patch pending
vFabric Web Server 5.3.4 patch pending
vCHS - DPS-Data Protection 2.0 patch pending Service
Table 2 ======== Affected clients running a vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/ Product Version on Apply Patch ============== ======= ======= ============= vCSA 5.5 patch pending vCSA 5.1 patch pending vCSA 5.0 patch pending
ESXi 5.1 ESXi patch pending ESXi 5.0 ESXi patch pending
Workstation 10.0.2 any patch pending Workstation 9.0.3 any patch pending Fusion 6.x OSX patch pending Fusion 5.x OSX patch pending Player 10.0.2 any patch pending Player 9.0.3 any patch pending
Chargeback Manager 2.5.x patch pending
Horizon Workspace Client for 1.8.1 OSX patch pending Mac Horizon Workspace Client for 1.5 OSX patch pending Mac Horizon Workspace Client for 1.8.1 Windows patch pending Windows
Horizon Workspace Client for 1.5 Windows patch pendingOVF Tool 3.5.1 patch pending OVF Tool 3.0.1 patch pending
vCenter Operations Manager 5.8.1 patch pending
vCenter Support Assistant 5.5.0 patch pending vCenter Support Assistant 5.5.1 patch pending
vCD 5.1.2 patch pending
vCD 5.1.3 patch pending vCD 5.5.1.1 patch pending vCenter Site Recovery Manager 5.0.3.1 patch pendingTable 3 ======= The following table lists all affected clients running a vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/ Product Version on Apply Patch ============== ======= ======= ============= vCenter Server 5.5 any patch pending vCenter Server 5.1 any patch pending vCenter Server 5.0 any patch pending
Update Manager 5.5 Windows patch pending Update Manager 5.1 Windows patch pending Update Manager 5.0 Windows patch pending
Config Manager (VCM) 5.6 patch pending
Horizon View Client 5.3.1 patch pending Horizon View Client 4.x patch pending Horizon Workspace 1.8.1 patch pending Horizon Workspace 1.5 patch pending
ITBM Standard 1.0.1 patch pending ITBM Standard 1.0 patch pending
Studio 2.6.0.0 patch pending
Usage Meter 3.3 patch pending vCenter Chargeback Manager 2.6 patch pending vCenter Converter Standalone 5.5 patch pending vCenter Converter Standalone 5.1 patch pending vCD (VCHS) 5.6.2 patch pending
vCenter Site Recovery Manager 5.5.1 patch pending vCenter Site Recovery Manager 5.1.1 patch pending
vFabric Application Director 5.2.0 patch pending vFabric Application Director 5.0.0 patch pending View Client 5.3.1 patch pending View Client 4.x patch pending VIX API 5.5 patch pending VIX API 1.12 patch pending
vMA (Management Assistant) 5.1.0.1 patch pending
VMware Data Recovery 2.0.3 patch pending
VMware vSphere CLI 5.5 patch pending
vSphere Replication 5.5.1 patch pending vSphere Replication 5.6 patch pending vSphere SDK for Perl 5.5 patch pending vSphere Storage Appliance 5.5.1 patch pending vSphere Storage Appliance 5.1.3 patch pending vSphere Support Assistant 5.5.1 patch pending vSphere Support Assistant 5.5.0 patch pending vSphere Virtual Disk 5.5 patch pending Development Kit
vSphere Virtual Disk 5.1 patch pending Development Kit vSphere Virtual Disk 5.0 patch pending Development Kit -
Solution
ESXi 5.5
Download: https://www.vmware.com/patchmgr/download.portal
Release Notes and Remediation Instructions: http://kb.vmware.com/kb/2077359
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
https://www.openssl.org/news/secadv_20140605.txt
- Change Log
2014-06-10 VMSA-2014-0006 Initial security advisory in conjunction with the release of ESXi 5.5 updates on 2014-06-10
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04347622
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04347622 Version: 2
HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-06-20 Last Updated: 2014-11-20
Potential Security Impact: Remote Denial of Service (DoS), code execution, unauthorized access, modification of information, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Network Products running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information.
References:
CVE-2010-5298 (SSRT101561) Remote Denial of Service (DoS) or Modification of Information CVE-2014-0198 (SSRT101561) Remote Unauthorized Access CVE-2014-0224 (SSRT101593) Remote Unauthorized Access or Disclosure of Information
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION section below for a list of impacted products.
NOTE:
All products listed are impacted by CVE-2014-0224. This is the vulnerability known as "Heartbleed". HP Intelligent Management Center (iMC) is also impacted by CVE-2014-0198 and CVE-2010-5298.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION On June 5th 2014, OpenSSL.org issued an advisory with several CVE vulnerabilities. HP Networking is working to release fixes for these vulnerabilities that impact the products in the table below. As fixed software is made available, this security bulletin will be updated to show the fixed versions. Until the software fixes are available, HP Networking is providing the following information including possible workarounds to mitigate the risks of these vulnerabilities.
Workarounds
HP Networking equipment is typically deployed inside firewalls and access
to management interfaces and other protocols is more tightly controlled than in public environments.
Following the guidelines in the Hardening Comware-based devices can help
to further reduce man-in-the-middle opportunities:
http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=
c03536920
For an HP Networking device acting as an OpenSSL Server, using a patched
OpenSSL client or non-OpenSSL client eliminates the risk.
Protocol Notes
The following details the protocols that use OpenSSL in Comware v5 and
Comware v7:
- Comware V7:
Server:
FIPS/HTTPS/Load Balancing/Session Initiation Protocol
Client:
Load Balancing/OpenFlow/Session Initiation Protocol/State Machine
Based Anti-Spoofing/Dynamic DNS
- Comware V5:
Server:
CAPWAP/EAP/SSLVPN
Client:
Dynamic DNS
Family Fixed Version HP Branded Products Impacted H3C Branded Products Impacted 3Com Branded Products Impacted
12900 Switch Series 12900_7.10.R1109 12900_7.10.R1005P07 JG619A HP FF 12910 Switch AC Chassis JG621A HP FF 12910 Main Processing Unit JG632A HP FF 12916 Switch AC Chassis JG634A HP FF 12916 Main Processing Unit
12500.0 12500_5.20.R1828P04 12500_5.20.R1828P04-US JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JC808A HP 12500 TAA Main Processing Unit H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
12500 (Comware v7) 12500_7.10.R7328P03 JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JG497A HP 12500 MPU w/Comware V7 OS JG782A HP FF 12508E AC Switch Chassis JG783A HP FF 12508E DC Switch Chassis JG784A HP FF 12518E AC Switch Chassis JG785A HP FF 12518E DC Switch Chassis JG802A HP FF 12500E MPU H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
11900 Switch Series 11900_7.10.R2111P04 JG608A HP FF 11908-V Switch Chassis JG609A HP FF 11900 Main Processing Unit
10500 Switch Series (Comware v5) 10500_5.20.R1208P09 10500_5.20.R1208P09-US JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC614A HP 10500 Main Processing Unit JC748A HP 10512 Switch Chassis JG375A HP 10500 TAA Main Processing Unit JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis
10500 Switch Series (Comware v7) 10500_7.10.R2111P04 JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis JG496A HP 10500 Type A MPU w/Comware v7 OS
9500E S9500E_5.20.R1828P04 JC124A HP A9508 Switch Chassis JC124B HP 9505 Switch Chassis JC125A HP A9512 Switch Chassis JC125B HP 9512 Switch Chassis JC474A HP A9508-V Switch Chassis JC474B HP 9508-V Switch Chassis H3C S9505E Routing-Switch Chassis (0235A0G6) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9512E Routing-Switch Chassis (0235A0G7) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9505E Chassis w/ Fans (0235A38P) H3C S9512E Chassis w/ Fans (0235A38R)
7900.0 7900_7.10.R2118 JG682A HP FlexFabric 7904 Switch Chassis
7500 Switch Series 7500_5.20.R6708P09 7500_5.20.R6708P09-US JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T JC697A HP A7502 TAA Main Processing Unit JC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE JC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE JC700A HP A7500 384 Gbps TAA Fabric / MPU JC701A HP A7510 768 Gbps TAA Fabric / MPU JD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports JD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports JD194A HP 384 Gbps Fabric A7500 Module JD194B HP 7500 384Gbps Fabric Module JD195A HP 7500 384Gbps Advanced Fabric Module JD196A HP 7502 Fabric Module JD220A HP 7500 768Gbps Fabric Module JD238A HP A7510 Switch Chassis JD238B HP 7510 Switch Chassis JD239A HP A7506 Switch Chassis JD239B HP 7506 Switch Chassis JD240A HP A7503 Switch Chassis JD240B HP 7503 Switch Chassis JD241A HP A7506 Vertical Switch Chassis JD241B HP 7506-V Switch Chassis JD242A HP A7502 Switch Chassis JD242B HP 7502 Switch Chassis JD243A HP A7503 Switch Chassis w/1 Fabric Slot JD243B HP 7503-S Switch Chassis w/1 Fabric Slot H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4) H3C S7503E Ethernet Switch Chassis with Fan (0235A0G2) H3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5) H3C S7506E Ethernet Switch Chassis with Fan (0235A0G1) H3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3) H3C S7510E Ethernet Switch Chassis with Fan (0235A0G0) H3C S7502E Chassis w/ fans (0235A29A) H3C S7503E Chassis w/ fans (0235A27R) H3C S7503E-S Chassis w/ fans (0235A33R) H3C S7506E Chassis w/ fans (0235A27Q) H3C S7506E-V Chassis w/ fans (0235A27S)
HSR6800 HSR6800_5.20.R3303P10 HSR6800_5.20.R3303P10-US JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6800 Russian Version HSR6800_5.20.R3303P10.RU JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6602 HSR6602_5.20.R3303P10 HSR6602_5.20.R3303P10-US JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
HSR6602 Russian Version HSR6602_5.20.R3303P10.RU JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
6602.0 6602_5.20.R3303P10 6602_5.20.R3303P10-US JC176A HP 6602 Router Chassis H3C SR6602 1U Router Host (0235A27D)
6602 Russian Version 6602_5.20.R3303P10.RU JC176A HP 6602 Router Chassis H3C SR6602 1U Router Host (0235A27D)
A6600 6600.RPE_5.20.R3303P10 6600.RSE_5.20.R3303P10 6600.RPE_5.20.R3303P10-US 6600.RSE_5.20.R3303P10-US JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
A6600 Russian Version 6600.RPE_5.20.R3303P10.RU 6600.RSE_5.20.R3303P10.RU JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP HSR6602_5.20.R3303P10 HSR6602_5.20.R3303P10-US JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP Russian Version HSR6602_5.20.R3303P10.RU JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
5920 Switch Series 5900AF-5920AF_7.10.R2311P01 5900AF-5920AF_7.10.R2311P01-US JG296A HP 5920AF-24XG Switch JG555A HP 5920AF-24XG TAA Switch
5900 Switch Series 5900AF-5920AF_7.10.R2311P01 5900AF-5920AF_7.10.R2311P01-US JC772A HP 5900AF-48XG-4QSFP+ Switch JG336A HP 5900AF-48XGT-4QSFP+ Switch JG510A HP 5900AF-48G-4XG-2QSFP+ Switch JG554A HP 5900AF-48XG-4QSFP+ TAA Switch JG838A HP FF 5900CP-48XG-4QSFP+ Switch
5830 Switch Series 5830_5.20.R1118P09 5830_5.20.R1118P09-US JC691A HP A5830AF-48G Switch w/1 Interface Slot JC694A HP A5830AF-96G Switch JG316A HP 5830AF-48G TAA Switch w/1 Intf Slot JG374A HP 5830AF-96G TAA Switch
5820 Switch Series 5800-5820X_5.20.R1808P25 5800-5820X_5.20.R1808P27-US JC102A HP 5820-24XG-SFP+ Switch JC106A HP 5820-14XG-SFP+ Switch with 2 Slots JG219A HP 5820AF-24XG Switch JG243A HP 5820-24XG-SFP+ TAA-compliant Switch JG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media modules Plus OSM (0235A37L) H3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T (RJ45) (0235A370)
5800 Switch Series 5800-5820X_5.20.R1808P25 5800-5820X_5.20.R1808P27-US JC099A HP 5800-24G-PoE Switch JC100A HP 5800-24G Switch JC101A HP 5800-48G Switch with 2 Slots JC103A HP 5800-24G-SFP Switch JC104A HP 5800-48G-PoE Switch JC105A HP 5800-48G Switch JG225A HP 5800AF-48G Switch JG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots JG254A HP 5800-24G-PoE+ TAA-compliant Switch JG255A HP 5800-24G TAA-compliant Switch JG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt JG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot JG258A HP 5800-48G TAA Switch w 1 Intf Slot H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot (0235A36U) H3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP Plus ) Plus 1 media module PoE (0235A36S) H3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus media module (no power) (0235A374) H3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus ) Plus media module (0235A379) H3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module (0235A378) H3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM (0235A36W)
5500 HI Switch Series 5500.HI_5.20.R5501P02 5500.HI_5.20.R5501P02-US JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch JG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch JG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt JG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt JG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt JG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt JG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt JG681A HP 5500-24G-SFP HI TAA Swch w/2Slt
5500 EI Switch Series 5500.EI-4800G_5.20.R2221P05 5500.EI-4800G_5.20.R2221P04-US JD373A HP 5500-24G DC EI Switch JD374A HP 5500-24G-SFP EI Switch JD375A HP 5500-48G EI Switch JD376A HP 5500-48G-PoE EI Switch JD377A HP 5500-24G EI Switch JD378A HP 5500-24G-PoE EI Switch JD379A HP 5500-24G-SFP DC EI Switch JG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts JG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts JG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts JG250A HP 5500-24G EI TAA Switch w 2 Intf Slts JG251A HP 5500-48G EI TAA Switch w 2 Intf Slts JG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts JG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts H3C S5500-28C-EI Ethernet Switch (0235A253) H3C S5500-28F-EI Eth Switch AC Single (0235A24U) H3C S5500-52C-EI Ethernet Switch (0235A24X) H3C S5500-28C-EI-DC Ethernet Switch (0235A24S) H3C S5500-28C-PWR-EI Ethernet Switch (0235A255) H3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259) H3C S5500-52C-PWR-EI Ethernet Switch (0235A251)
5500 SI Switch Series 5500.SI_5.20.R2221P04 JD369A HP 5500-24G SI Switch JD370A HP 5500-48G SI Switch JD371A HP 5500-24G-PoE SI Switch JD372A HP 5500-48G-PoE SI Switch JG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts JG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts H3C S5500-28C-SI Ethernet Switch (0235A04U) H3C S5500-52C-SI Ethernet Switch (0235A04V) H3C S5500-28C-PWR-SI Ethernet Switch (0235A05H) H3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)
5120 EI Switch Series 5120.EI-4210G-4510G_5.20.R2221P04 5120.EI-4210G-4510G_5.20.R2221P04-US JE066A HP 5120-24G EI Switch JE067A HP 5120-48G EI Switch JE068A HP 5120-24G EI Switch with 2 Slots JE069A HP 5120-48G EI Switch with 2 Slots JE070A HP 5120-24G-PoE EI Switch with 2 Slots JE071A HP 5120-48G-PoE EI Switch with 2 Slots JG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts JG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts JG245A HP 5120-24G EI TAA Switch w 2 Intf Slts JG246A HP 5120-48G EI TAA Switch w 2 Intf Slts JG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts JG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ) H3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS) H3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR) H3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT) H3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU) H3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)
5120 SI switch Series 5120.SI_5.20.R1513P86 JE072A HP 5120-48G SI Switch JE073A HP 5120-16G SI Switch JE074A HP 5120-24G SI Switch JG091A HP 5120-24G-PoE+ (370W) SI Switch JG092A HP 5120-24G-PoE+ (170W) SI Switch H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W) H3C S5120-20P-SI L2 16GE Plus 4SFP (0235A42B) H3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D) H3C S5120-28P-HPWR-SI (0235A0E5) H3C S5120-28P-PWR-SI (0235A0E3)
4800 G Switch Series 5500.EI-4800G_5.20.R2221P05 5500.EI-4800G_5.20.R2221P04-US JD007A HP 4800-24G Switch JD008A HP 4800-24G-PoE Switch JD009A HP 4800-24G-SFP Switch JD010A HP 4800-48G Switch JD011A HP 4800-48G-PoE Switch
3Com Switch 4800G 24-Port (3CRS48G-24-91) 3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91) 3Com Switch 4800G 48-Port (3CRS48G-48-91) 3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91) 3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)
4510G Switch Series 5500.EI-4800G_5.20.R2221P05 5500.EI-4800G_5.20.R2221P04-US JF428A HP 4510-48G Switch JF847A HP 4510-24G Switch
3Com Switch 4510G 48 Port (3CRS45G-48-91) 3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91) 3Com Switch E4510-24G (3CRS45G-24-91)
4210G Switch Series 5120.EI-4210G-4510G_5.20.R2221P04 5120.EI-4210G-4510G_5.20.R2221P04-US JF844A HP 4210-24G Switch JF845A HP 4210-48G Switch JF846A HP 4210-24G-PoE Switch
3Com Switch 4210-24G (3CRS42G-24-91) 3Com Switch 4210-48G (3CRS42G-48-91) 3Com Switch E4210-24G-PoE (3CRS42G-24P-91)
3610 Switch Series S3610-5510_5.20.R5319P08 JD335A HP 3610-48 Switch JD336A HP 3610-24-4G-SFP Switch JD337A HP 3610-24-2G-2G-SFP Switch JD338A HP 3610-24-SFP Switch H3C S3610-52P - model LS-3610-52P-OVS (0235A22C) H3C S3610-28P - model LS-3610-28P-OVS (0235A22D) H3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E) H3C S3610-28F - model LS-3610-28F-OVS (0235A22F)
3600 V2 Switch Series 3600V2_5.20.R2109P05 JG299A HP 3600-24 v2 EI Switch JG300A HP 3600-48 v2 EI Switch JG301A HP 3600-24-PoE+ v2 EI Switch JG301B HP 3600-24-PoE+ v2 EI Switch JG302A HP 3600-48-PoE+ v2 EI Switch JG302B HP 3600-48-PoE+ v2 EI Switch JG303A HP 3600-24-SFP v2 EI Switch JG304A HP 3600-24 v2 SI Switch JG305A HP 3600-48 v2 SI Switch JG306A HP 3600-24-PoE+ v2 SI Switch JG306B HP 3600-24-PoE+ v2 SI Switch JG307A HP 3600-48-PoE+ v2 SI Switch JG307B HP 3600-48-PoE+ v2 SI Switch
3100V2 3100V2_5.20.R5203P07 JD313B HP 3100-24-PoE v2 EI Switch JD318B HP 3100-8 v2 EI Switch JD319B HP 3100-16 v2 EI Switch JD320B HP 3100-24 v2 EI Switch JG221A HP 3100-8 v2 SI Switch JG222A HP 3100-16 v2 SI Switch JG223A HP 3100-24 v2 SI Switch
3100V2-48 3100V2.48_5.20.R2109P05 JG315A HP 3100-48 v2 Switch
1920.0 1920-48G-JG927A_5.20.R1104 1920-8G-PoE-65W-JG921A_5.20.R1104 1920-8G-JG920A_5.20.R1104 1920-24G-PoE-370W-JG926A_5.20.R1104 1920-24G-PoE-180W-JG925A_5.20.R1104 1920-24G-JG924A_5.20.R1104 1920-16G-JG923A_5.20.R1104 1920-8G-PoE-180W-JG922A_5.20.R1104 JG927A HP 1920-48G Switch JG921A HP 1920-8G-PoE+ (65W) Switch JG920A HP 1920-8G Switch JG926A HP 1920-24G-PoE+ (370W) Switch JG925A HP 1920-24G-PoE+ (180W) Switch JG924A HP 1920-24G Switch JG923A HP 1920-16G Switch JG922A HP 1920-8G-PoE+ (180W) Switch
1910.0 1910-8-POE-JG537_5.20.R1106 1910-48-JG540_5.20.R1106 1910-24-JG538_5.20.R1106 1910-24-POE-JG539_5.20.R1106 1910-8-JG536_5.20.R1106 JG537A HP 1910-8 -PoE+ Switch JG540A HP 1910-48 Switch JG538A HP 1910-24 Switch JG539A HP 1910-24-PoE+ Switch JG536A HP 1910-8 Switch
1810v1 P2 Fix in progress use mitigations J9449A HP 1810-8G Switch J9450A HP 1810-24G Switch
1810v1 PK Fix in progress use mitigations J9660A HP 1810-48G Switch
MSR20 MSR20.SI_5.20.R2513P02 JD432A HP A-MSR20-21 Multi-Service Router JD662A HP MSR20-20 Multi-Service Router JD663A HP MSR20-21 Multi-Service Router JD663B HP MSR20-21 Router JD664A HP MSR20-40 Multi-Service Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) H3C MSR 20-20 (0235A19H) H3C MSR 20-21 (0235A325) H3C MSR 20-40 (0235A19K) H3C MSR-20-21 Router (0235A19J)
MSR20-1X MSR201X_5.20.R2513P02 JD431A HP MSR20-10 Router JD667A HP MSR20-15 IW Multi-Service Router JD668A HP MSR20-13 Multi-Service Router JD669A HP MSR20-13 W Multi-Service Router JD670A HP MSR20-15 A Multi-Service Router JD671A HP MSR20-15 AW Multi-Service Router JD672A HP MSR20-15 I Multi-Service Router JD673A HP MSR20-11 Multi-Service Router JD674A HP MSR20-12 Multi-Service Router JD675A HP MSR20-12 W Multi-Service Router JD676A HP MSR20-12 T1 Multi-Service Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router JG209A HP MSR20-12-T-W Router (NA) JG210A HP MSR20-13-W Router (NA) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) H3C MSR 20-10 (0235A0A7) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-11 (0235A31V) H3C MSR 20-12 (0235A32E) H3C MSR 20-12 T1 (0235A32B) H3C MSR 20-13 (0235A31W) H3C MSR 20-13 W (0235A31X) H3C MSR 20-15 A (0235A31Q) H3C MSR 20-15 A W (0235A31R) H3C MSR 20-15 I (0235A31N) H3C MSR 20-15 IW (0235A31P) H3C MSR20-12 W (0235A32G)
MSR30 MSR30.SI_5.20.R2513P02 JD654A HP MSR30-60 POE Multi-Service Router JD657A HP MSR30-40 Multi-Service Router JD658A HP MSR30-60 Multi-Service Router JD660A HP MSR30-20 POE Multi-Service Router JD661A HP MSR30-40 POE Multi-Service Router JD666A HP MSR30-20 Multi-Service Router JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF232A HP RT-MSR3040-AC-OVS-AS-H3 JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S) H3C MSR 30-20 (0235A19L) H3C MSR 30-20 POE (0235A239) H3C MSR 30-40 (0235A20J) H3C MSR 30-40 POE (0235A25R) H3C MSR 30-60 (0235A20K) H3C MSR 30-60 POE (0235A25S) H3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)
MSR30-16 MSR3016.SI_5.20.R2513P02 JD659A HP MSR30-16 POE Multi-Service Router JD665A HP MSR30-16 Multi-Service Router JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) H3C MSR 30-16 (0235A237) H3C MSR 30-16 POE (0235A238)
MSR30-1X MSR301X.SI_5.20.R2513P09 JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) H3C RT-MSR3011-AC-OVS-H3 (0235A29L)
MSR50 MSR50.SI_5.20.R2513P02 JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR5040-DC-OVS-H3C (0235A20P) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L)
MSR50-G2 MSR50.EPUSI_5.20.R2513P02 JD429A HP MSR50 G2 Processor Module JD429B HP MSR50 G2 Processor Module H3C H3C MSR 50 Processor Module-G2 (0231A84Q) H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD(0231A0KL)
MSR20 Russian version MSR20.SI_5.20.R2513L03.RU JD663B HP MSR20-21 Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326)
MSR20-1X Russian version MSR201X_5.20.R2513L03.RU JD431A HP MSR20-10 Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router H3C MSR 20-10 (0235A0A7) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)
MSR30 Russian version MSR30.SI_5.20.R2513L03.RU JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)
MSR30-16 Russian version MSR3016.SI_5.20.R2513L03.RU JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)
MSR30-1X Russian version MSR301X.SI_5.20.R2513L03.RU JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C RT-MSR3011-AC-OVS-H3 (0235A29L) H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)
MSR50 Russian version MSR50.SI_5.20.R2513L03.RU JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR 50 Processor Module (0231A791) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR5040-DC-OVS-H3C (0235A20P)
MSR50 G2 Russian version MSR50.EPUSI_5.20.R2513L03.RU JD429B HP MSR50 G2 Processor Module H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL)
MSR9XX MSR9XX_5.20.R2513P02 JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr JG207A HP MSR900-W Router (NA) JG208A HP MSR920-W Router (NA) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)
MSR93X MSR93X_5.20.R2513P02 JG511A HP MSR930 Router JG512A HP MSR930 Wireless Router JG513A HP MSR930 3G Router JG514A HP MSR931 Router JG515A HP MSR931 3G Router JG516A HP MSR933 Router JG517A HP MSR933 3G Router JG518A HP MSR935 Router JG519A HP MSR935 Wireless Router JG520A HP MSR935 3G Router JG531A HP MSR931 Dual 3G Router JG596A HP MSR930 4G LTE/3G CDMA Router JG597A HP MSR936 Wireless Router JG665A HP MSR930 4G LTE/3G WCDMA Global Router JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
MSR1000 MSR1000_5.20.R2513P02 JG732A HP MSR1003-8 AC Router
MSR1000 Russian version MSR1000_5.20.R2513L03-RU JG732A HP MSR1003-8 AC Router
MSR2000 MSR2000_7.10.R0106P02 JG411A HP MSR2003 AC Router
MSR3000 MSR3000_7.10.R0106P02 JG404A HP MSR3064 Router JG405A HP MSR3044 Router JG406A HP MSR3024 AC Router JG409A HP MSR3012 AC Router JG861A HP MSR3024 TAA-compliant AC Router
MSR4000 MSR4000_7.10.R0106P02 JG402A HP MSR4080 Router Chassis JG403A HP MSR4060 Router Chassis JG412A HP MSR4000 MPU-100 Main Processing Unit
F5000 SECPATH5000FA_5.20.F3210P20 JG216A HP F5000 Firewall Standalone Chassis JD259A HP A5000-A5 VPN Firewall Chassis H3C SecPath F5000-A5 Host System (0150A0AG)
F5000 C F5000C_5.20.R3811 JG650A HP F5000-C VPN Firewall Appliance
F5000 S F5000S_5.20.R3811 JG370A HP F5000-S VPN Firewall Appliance
U200S and CS U200S_U200CS_5.20.F5123P27 JD268A HP 200-CS UTM Appliance JD273A HP U200-S UTM Appliance H3C SecPath U200-S (0235A36N)
U200A and M U200A_U200M_5.20.F5123P27 JD274A HP 200-M UTM Appliance JD275A HP U200-A UTM Appliance H3C SecPath U200-A (0235A36Q)
F1000A and S AF1000S.EI_3.40.R3734 JD270A HP S1000-S VPN Firewall Appliance JD271A HP S1000-A VPN Firewall Appliance JG213A HP F1000-S-EI VPN Firewall Appliance JG214A HP F1000-A-EI VPN Firewall Appliance
SecBlade III SECBLADEIII.FW_5.20.R3820 JG371A HP 12500 20Gbps VPN Firewall Module JG372A HP 10500/11900/7500 20Gbps VPN FW Mod
SecBlade FW SECBLADE2-FW_5.20.R3181 JC635A HP 12500 VPN Firewall Module JD245A HP 9500 VPN Firewall Module JD249A HP 10500/7500 Advanced VPN Firewall Mod JD250A HP 6600 Firewall Processing Rtr Module JD251A HP 8800 Firewall Processing Module JD255A HP 5820 VPN Firewall Module H3C S9500E SecBlade VPN Firewall Module (0231A0AV) H3C S7500E SecBlade VPN Firewall Module (0231A832) H3C SR66 Gigabit Firewall Module (0231A88A) H3C SR88 Firewall Processing Module (0231A88L) H3C S5820 SecBlade VPN Firewall Module (0231A94J)
F1000E SECPATH1000FE_5.20.R3181 JD272A HP S1000-E VPN Firewall Appliance
VSR1000 VSR1000_7.10.R0203 JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software JG811AAE HP VSR1001 Comware 7 Virtual Services Router JG812AAE HP VSR1004 Comware 7 Virtual Services Router JG813AAE HP VSR1008 Comware 7 Virtual Services Router
WX5002/5004 WX5002-WX5004_5.20.R2507P26 JD441A HP 5800 ACM for 64-256 APs JD447B HP WX5002 Access Controller JD448A HP A-WX5004 Access Controller JD448B HP WX5004 Access Controller JD469A HP A-WX5004 (3Com) Access Controller JG261A HP 5800 Access Controller OAA TAA Mod
HP 850/870 850-870_5.20.R2607P26 JG723A HP 870 Unified Wired-WLAN Appliance JG725A HP 870 Unifd Wrd-WLAN TAA Applnc JG722A HP 850 Unified Wired-WLAN Appliance JG724A HP 850 Unifd Wrd-WLAN TAA Applnc
HP 830 830_5.20.R3507P26 JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch JG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch JG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch JG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch
HP 6000 6000_5.20.R2507P27 JG639A HP 10500/7500 20G Unified Wired-WLAN Mod JG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod
M220 Fix in progress use mitigations J9798A HP M220 802.11n AM Access Point J9799A HP M220 802.11n WW Access Point
NGFW The Software Downloads and software release notes for your NGFW Appliance(s) can be acquired with a valid support contract by accessing the Threat Management Center (TMC). In your web browser open https://tmc.tippingpoint.com. JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic JC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic JC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic JC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic JC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic
iMC UAM 7.x 5.x iMC UAM 7.0 (E0203P04) JD144A HP IMC UAM S/W Module w/200-User License JF388A HP IMC UAM S/W Module w/200-user License JD435A HP IMC EAD Client Software JF388AAE HP IMC UAM S/W Module w/200-user E-LTU JG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU
iMC EAD 7.x 5.x iMC EAD v7.1 (E0301) JF391AAE HP IMC EAD S/W Module w/200-user E-LTU JG754AAE HP IMC EAD SW Module w/ 50-user E-LTU JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License JF391A HP IMC EAD S/W Module w/200-user License
HISTORY Version:1 (rev.1) - 20 June 2014 Initial release Version:2 (rev.2) - 20 November 2014 Removed iMC Platform Products, 5900 virtual switch, and Router 8800 products. Further analysis revealed that those products as not vulnerable. Added additional products.
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux)
iEYEARECAAYFAlRuJqYACgkQ4B86/C0qfVkBZwCg+M/bssV0KI2Nfe2delq1N6KO 2ZUAoKT/5gXpIsdJb4Jyh8GVclzk70rZ =9QSF -----END PGP SIGNATURE----- . OpenSSL Security Advisory [05 Jun 2014] ========================================
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client and server. OpenSSL clients are vulnerable in all versions of OpenSSL. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
Only applications using OpenSSL as a DTLS client are affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server.
Only applications using OpenSSL as a DTLS client or server affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
A race condition in the ssl3_read_bytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Storage Server 2.1 - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Package List:
Red Hat Storage Server 2.1:
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0244",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.106"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "junos os 13.1r4-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 7.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "junos os 11.4r12-s4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "junos 11.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "uacos c4.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr3000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "m220 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "4800g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "secure analytics 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"model": "secure analytics 2014.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "oneview",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.10"
},
{
"model": "f1000a and s family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "u200a and m family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "junos 11.4r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "hsr6602 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ive os 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr93x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wx5002/5004 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos 11.4r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vsr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.3r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "msr20 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r10-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "junos 5.0r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "hsr6800 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "msr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 10.4r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "ssl vpn 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "msr1000 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "(comware family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v7)0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "ive os 7.4r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "secure analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr30 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "strm 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "junos pulse 5.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "junos 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "sbr global enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jsa 2014.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7900.00"
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "f1000e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.0"
},
{
"model": "secure analytics 2014.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "junos 13.3r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.5.0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "strm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr50 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "u200s and cs family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security threat response manager 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos os 12.3r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "simatic s7-1500",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "strm/jsa 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ngfw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "junos 10.4r16",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.203"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr50-g2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "ive os 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos 5.0r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 8.0r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"model": "junos os 14.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "junos os 13.2r5-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uacos c5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "uacos c5.0",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "strm/jsa",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "imc uam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "ssl vpn 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 10.4s",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "intelligent management center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 11.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9500e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "f5000 c",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "f5000 s",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security threat response manager 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "junos 10.4s15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 7.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "msr9xx family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "msr2000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "msr30-16 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "imc ead",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "msr4000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "a6600 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "f5000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.62"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "pk family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "junos os 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 11.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "junos os 12.1x47-d15",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secblade fw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "junos 10.4r15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uacos c4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos pulse 4.0r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "junos 14.1r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "p2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "junos 10.0s25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "junos 10.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.05"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "msr20-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.107"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "msr30-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 8.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "67193"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1g",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "127265"
}
],
"trust": 0.6
},
"cve": "CVE-2014-0198",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0198",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0198",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-057",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0198",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. \n\nThe oldstable distribution (squeeze) is not affected. \n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.0.1e-2+deb7u9. \n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.0.1g-4. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.0.1g-4. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://advisories.mageia.org/MGASA-2014-0204.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 0960978623ce1a63b660860f11a273cd mbs1/x86_64/lib64openssl1.0.0-1.0.0k-1.3.mbs1.x86_64.rpm\n a1f2e8359b1823df2bbf4cef25ed0fa5 mbs1/x86_64/lib64openssl-devel-1.0.0k-1.3.mbs1.x86_64.rpm\n 9caf8ee1e9151cd22cc8bbbcec6ddc64 mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0k-1.3.mbs1.x86_64.rpm\n e7e8655dcdfcf3499b5d3280a7023beb mbs1/x86_64/lib64openssl-static-devel-1.0.0k-1.3.mbs1.x86_64.rpm\n 34ef39c4e07e20ed081ff466b744e6b1 mbs1/x86_64/openssl-1.0.0k-1.3.mbs1.x86_64.rpm \n 4c4315e35972686c692a095851d42cd4 mbs1/SRPMS/openssl-1.0.0k-1.3.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \n\nHP Insight Control server deployment packages HP System Management Homepage\n(SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM)\nand deploys them through the following components. This bulletin provides the\ninformation needed to update the HP Insight Control server deployment\nsolution. HP has provided manual update steps\nif a version upgrade is not possible; if users wish to remain at v7.1.2,\nv7.2.0, or v7.2.1. \n\nNote: It is important to check your current running version of HP Insight\nControl server deployment and to follow the correct steps listed below. For\nHP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and\nfollow the steps below to remove the vulnerability. That Security Bulletin with instructions on how to upgrade\nto v7.3.1 can be found here:\n\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\na-c04267749\n\nHP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should\ntake the following steps to remove this vulnerability. \n\nDelete the files smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location\nlisted in the following table, rows 1 and 2. \nDelete the files \"vcax86-*.exe/vcaamd64-*.exe from Component Copy Location\nlisted in the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\n smhamd64-ccp023716.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\n smhx86-cp023715.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13\n vcax86-cp023742.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2\n vcaamd64-cp023743.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nDownload and extract the HPSUM 5.3.6 component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793\n\nCopy all content from extracted ZIP folder and paste into\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 on targets running\nWindows. \n\nHP Insight Control server deployment users with v7.2.2:\n\nPlease upgrade to Insight Control server deployment v7.3.1 and follow the\nsteps below for v7.3.1. \n\nHP Insight Control server deployment users with v7.3.1:\n\nPerform steps 1 - 4 as outlined above for users with HP Insight Control\nserver deployment v7.1.2, v7.2.0, and v7.2.1. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201407-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: July 27, 2014\n Bugs: #512506\n ID: 201407-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, possibly allowing\nremote attackers to execute arbitrary code. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1h-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-5298\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298\n[ 2 ] CVE-2014-0195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195\n[ 3 ] CVE-2014-0198\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198\n[ 4 ] CVE-2014-0221\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221\n[ 5 ] CVE-2014-0224\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224\n[ 6 ] CVE-2014-3470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470\n[ 7 ] OpenSSL Security Advisory [05 Jun 2014]\n http://www.openssl.org/news/secadv_20140605.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201407-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. These vulnerabilities include: \n\n* The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \n\n - HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2010-5298\n 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\n 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)\n\n CVE-2014-0076\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2014-0195\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-0198\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0221\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0224\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-3470\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-3566\n 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the following software updates to resolve the\nvulnerabilities in the impacted versions of HPE StoreVirtual products running\nHPE LeftHand OS. \n\nLeftHand OS v11.5 - Patches 45019-00 and 45020 \nLeftHand OS v12.0 - Patches 50016-00 and 50017-00 \nLeftHand OS v12.5 - Patch 55016-00 \nLeftHand OS v12.6 - Patch 56002-00 \n\n**Notes:**\n\nThese patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision\nto OpenSSL v1.0.1e 48. \nThese patches migrate Certificate Authority Hashing Algorithm from a weak\nhashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary\n\n VMware product updates address OpenSSL security vulnerabilities. \n\n2. Relevant Releases\n\n ESXi 5.5 prior to ESXi550-201406401-SG\n\n\n3. \n\n OpenSSL libraries have been updated in multiple products to\n versions 0.9.8za and 1.0.1h in order to resolve multiple security\n issues. \n \n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n\n has assigned the names CVE-2014-0224, CVE-2014-0198, \n CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to\n these issues. The most important of these issues is \n CVE-2014-0224. \n\n CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to\n be of moderate severity. Exploitation is highly unlikely or is\n mitigated due to the application configuration. \n\n CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL \n Security Advisory (see Reference section below), do not affect\n any VMware products. For readability\n the affected products have been split into 3 tables below, \n based on the different client-server configurations and\n deployment scenarios. Applying these patches to \n affected servers will mitigate the affected clients (See Table 1\n below). can be mitigated by using a secure network such as \n VPN (see Table 2 below). \n \n Clients and servers that are deployed on an isolated network are\n less exposed to CVE-2014-0224 (see Table 3 below). The affected\n products are typically deployed to communicate over the\n management network. \n\n RECOMMENDATIONS\n\n VMware recommends customers evaluate and deploy patches for\n affected Servers in Table 1 below as these patches become\n available. Patching these servers will remove the ability to\n exploit the vulnerability described in CVE-2014-0224 on both\n clients and servers. VMware recommends customers consider \n applying patches to products listed in Table 2 \u0026 3 as required. \n\n Column 4 of the following tables lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n ESXi 5.5 ESXi ESXi550-\n 201406401-SG \n\n Big Data Extensions 1.1 patch pending \n Charge Back Manager 2.6 patch pending \n\n Horizon Workspace Server \n GATEWAY 1.8.1 patch pending \n Horizon Workspace Server \n GATEWAY 1.5 patch pending \n\n Horizon Workspace Server \n DATA 1.8.1 patch pending \n\n Horizon Mirage Edge Gateway 4.4.2 patch pending \n Horizon View 5.3.1 patch pending \n\n Horizon View Feature Pack 5.3 SP2 patch pending \n\n NSX for Multi-Hypervisor 4.1.2 patch pending \n NSX for Multi-Hypervisor 4.0.3 patch pending \n NSX for vSphere 6.0.4 patch pending \n NVP 3.2.2 patch pending \n vCAC 6.0.1 patch pending \n\n vCloud Networking and Security 5.5.2 \t\t patch pending \n vCloud Networking and Security 5.1.2 \t\t patch pending \n\n vFabric Web Server 5.3.4 patch pending \n\n vCHS - DPS-Data Protection 2.0 patch pending \n Service\n\n Table 2\n ========\n Affected clients running a vulnerable version of OpenSSL 0.9.8 \n or 1.0.1 and communicating over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCSA 5.5 patch pending \n vCSA 5.1 patch pending \n vCSA 5.0 patch pending \n\n\n ESXi 5.1 ESXi patch pending \n ESXi 5.0 ESXi patch pending \n\n Workstation 10.0.2 any patch pending \n Workstation 9.0.3 any patch pending \n Fusion 6.x OSX patch pending \n Fusion 5.x OSX patch pending \n Player 10.0.2 any patch pending \n Player 9.0.3 any patch pending \n\n Chargeback Manager 2.5.x patch pending \n\n Horizon Workspace Client for 1.8.1 OSX patch pending \n Mac\n Horizon Workspace Client for 1.5 OSX patch pending \n Mac\n Horizon Workspace Client for 1.8.1 Windows patch pending \n Windows \n Horizon Workspace Client for 1.5 Windows patch pending \n\n OVF Tool 3.5.1 patch pending \n OVF Tool 3.0.1 patch pending \n\n vCenter Operations Manager 5.8.1 patch pending \n\n vCenter Support Assistant 5.5.0 patch pending \n vCenter Support Assistant 5.5.1 patch pending \n \n vCD 5.1.2 patch pending \n vCD 5.1.3 patch pending \n vCD 5.5.1.1 patch pending \n vCenter Site Recovery Manager 5.0.3.1 patch pending \n\n Table 3\n =======\n The following table lists all affected clients running a\n vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating\n over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCenter Server 5.5 any patch pending\n vCenter Server 5.1 any patch pending\n vCenter Server 5.0 any patch pending\n\n Update Manager 5.5 Windows patch pending\n Update Manager 5.1 Windows patch pending\n Update Manager 5.0 Windows patch pending \n\n Config Manager (VCM) 5.6 patch pending \n\n Horizon View Client 5.3.1 patch pending \n Horizon View Client 4.x patch pending\n Horizon Workspace 1.8.1 patch pending \n Horizon Workspace 1.5 patch pending \n \n \n ITBM Standard 1.0.1 patch pending \n ITBM Standard 1.0 patch pending \n \n Studio 2.6.0.0 patch pending \n \n Usage Meter 3.3 patch pending \n vCenter Chargeback Manager 2.6 patch pending \n vCenter Converter Standalone 5.5 patch pending \n vCenter Converter Standalone 5.1 patch pending \n vCD (VCHS) 5.6.2 patch pending \n \n vCenter Site Recovery Manager 5.5.1 patch pending \n vCenter Site Recovery Manager 5.1.1 patch pending\n\n vFabric Application Director 5.2.0 patch pending \n vFabric Application Director 5.0.0 patch pending \n View Client 5.3.1 patch pending \n View Client 4.x patch pending\n VIX API 5.5 patch pending \n VIX API 1.12 patch pending \n \n vMA (Management Assistant) 5.1.0.1 patch pending \n \n\n VMware Data Recovery 2.0.3 patch pending \n \n VMware vSphere CLI 5.5 patch pending \n \n vSphere Replication 5.5.1 patch pending \n vSphere Replication 5.6 patch pending \n vSphere SDK for Perl 5.5 patch pending \n vSphere Storage Appliance 5.5.1 patch pending \n vSphere Storage Appliance 5.1.3 patch pending \n vSphere Support Assistant 5.5.1 patch pending \n vSphere Support Assistant 5.5.0 patch pending\n vSphere Virtual Disk 5.5 patch pending \n Development Kit \n vSphere Virtual Disk 5.1 patch pending \n Development Kit\n vSphere Virtual Disk 5.0 patch pending \n Development Kit\n \n 4. Solution\n\n ESXi 5.5\n ----------------------------\n\n Download:\n https://www.vmware.com/patchmgr/download.portal\n\n Release Notes and Remediation Instructions:\n http://kb.vmware.com/kb/2077359\n\n 5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n \n https://www.openssl.org/news/secadv_20140605.txt\n\n- -----------------------------------------------------------------------\n\n6. Change Log\n\n 2014-06-10 VMSA-2014-0006\n Initial security advisory in conjunction with the release of\n ESXi 5.5 updates on 2014-06-10\n\n- -----------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04347622\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04347622\nVersion: 2\n\nHPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote\nVulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-06-20\nLast Updated: 2014-11-20\n\nPotential Security Impact: Remote Denial of Service (DoS), code execution,\nunauthorized access, modification of information, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Network\nProducts running OpenSSL. The vulnerabilities could be exploited remotely to\ncreate a Denial of Service (DoS), execute code, allow unauthorized access,\nmodify or disclose information. \n\nReferences:\n\n CVE-2010-5298 (SSRT101561) Remote Denial of Service (DoS) or Modification\nof Information\n CVE-2014-0198 (SSRT101561) Remote Unauthorized Access\n CVE-2014-0224 (SSRT101593) Remote Unauthorized Access or Disclosure of\nInformation\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n section below for a list of impacted products. \n\nNOTE:\n\nAll products listed are impacted by CVE-2014-0224. This is the vulnerability\nknown as \"Heartbleed\". \nHP Intelligent Management Center (iMC) is also impacted by CVE-2014-0198 and\nCVE-2010-5298. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nOn June 5th 2014, OpenSSL.org issued an advisory with several CVE\nvulnerabilities. HP Networking is working to release fixes for these\nvulnerabilities that impact the products in the table below. As fixed\nsoftware is made available, this security bulletin will be updated to show\nthe fixed versions. Until the software fixes are available, HP Networking is\nproviding the following information including possible workarounds to\nmitigate the risks of these vulnerabilities. \n\n Workarounds\n\n HP Networking equipment is typically deployed inside firewalls and access\nto management interfaces and other protocols is more tightly controlled than\nin public environments. \n\n Following the guidelines in the Hardening Comware-based devices can help\nto further reduce man-in-the-middle opportunities:\n\n http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=\nc03536920\n\n For an HP Networking device acting as an OpenSSL Server, using a patched\nOpenSSL client or non-OpenSSL client eliminates the risk. \n\n Protocol Notes\n\n The following details the protocols that use OpenSSL in Comware v5 and\nComware v7:\n\n - Comware V7:\n\n Server:\n\n FIPS/HTTPS/Load Balancing/Session Initiation Protocol\n\n Client:\n\n Load Balancing/OpenFlow/Session Initiation Protocol/State Machine\nBased Anti-Spoofing/Dynamic DNS\n\n - Comware V5:\n\n Server:\n\n CAPWAP/EAP/SSLVPN\n\n Client:\n\n Dynamic DNS\n\nFamily\n Fixed Version\n HP Branded Products Impacted\n H3C Branded Products Impacted\n 3Com Branded Products Impacted\n\n12900 Switch Series\n 12900_7.10.R1109\n12900_7.10.R1005P07\n JG619A HP FF 12910 Switch AC Chassis\nJG621A HP FF 12910 Main Processing Unit\nJG632A HP FF 12916 Switch AC Chassis\nJG634A HP FF 12916 Main Processing Unit\n\n12500.0\n 12500_5.20.R1828P04\n12500_5.20.R1828P04-US\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJC808A HP 12500 TAA Main Processing Unit\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n12500 (Comware v7)\n 12500_7.10.R7328P03\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJG497A HP 12500 MPU w/Comware V7 OS\nJG782A HP FF 12508E AC Switch Chassis\nJG783A HP FF 12508E DC Switch Chassis\nJG784A HP FF 12518E AC Switch Chassis\nJG785A HP FF 12518E DC Switch Chassis\nJG802A HP FF 12500E MPU\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n11900 Switch Series\n 11900_7.10.R2111P04\n JG608A HP FF 11908-V Switch Chassis\nJG609A HP FF 11900 Main Processing Unit\n\n10500 Switch Series (Comware v5)\n 10500_5.20.R1208P09 10500_5.20.R1208P09-US\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC614A HP 10500 Main Processing Unit\nJC748A HP 10512 Switch Chassis\nJG375A HP 10500 TAA Main Processing Unit\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\n\n10500 Switch Series (Comware v7)\n 10500_7.10.R2111P04\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC748A HP 10512 Switch Chassis\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\nJG496A HP 10500 Type A MPU w/Comware v7 OS\n\n9500E\n S9500E_5.20.R1828P04\n JC124A HP A9508 Switch Chassis\nJC124B HP 9505 Switch Chassis\nJC125A HP A9512 Switch Chassis\nJC125B HP 9512 Switch Chassis\nJC474A HP A9508-V Switch Chassis\nJC474B HP 9508-V Switch Chassis\n H3C S9505E Routing-Switch Chassis (0235A0G6)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9512E Routing-Switch Chassis (0235A0G7)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9505E Chassis w/ Fans (0235A38P)\nH3C S9512E Chassis w/ Fans (0235A38R)\n\n7900.0\n 7900_7.10.R2118\n JG682A HP FlexFabric 7904 Switch Chassis\n\n7500 Switch Series\n 7500_5.20.R6708P09\n7500_5.20.R6708P09-US\n JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T\nJC697A HP A7502 TAA Main Processing Unit\nJC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE\nJC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE\nJC700A HP A7500 384 Gbps TAA Fabric / MPU\nJC701A HP A7510 768 Gbps TAA Fabric / MPU\nJD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports\nJD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports\nJD194A HP 384 Gbps Fabric A7500 Module\nJD194B HP 7500 384Gbps Fabric Module\nJD195A HP 7500 384Gbps Advanced Fabric Module\nJD196A HP 7502 Fabric Module\nJD220A HP 7500 768Gbps Fabric Module\nJD238A HP A7510 Switch Chassis\nJD238B HP 7510 Switch Chassis\nJD239A HP A7506 Switch Chassis\nJD239B HP 7506 Switch Chassis\nJD240A HP A7503 Switch Chassis\nJD240B HP 7503 Switch Chassis\nJD241A HP A7506 Vertical Switch Chassis\nJD241B HP 7506-V Switch Chassis\nJD242A HP A7502 Switch Chassis\nJD242B HP 7502 Switch Chassis\nJD243A HP A7503 Switch Chassis w/1 Fabric Slot\nJD243B HP 7503-S Switch Chassis w/1 Fabric Slot\n H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4)\nH3C S7503E Ethernet Switch Chassis with Fan (0235A0G2)\nH3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5)\nH3C S7506E Ethernet Switch Chassis with Fan (0235A0G1)\nH3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3)\nH3C S7510E Ethernet Switch Chassis with Fan (0235A0G0)\nH3C S7502E Chassis w/ fans (0235A29A)\nH3C S7503E Chassis w/ fans (0235A27R)\nH3C S7503E-S Chassis w/ fans (0235A33R)\nH3C S7506E Chassis w/ fans (0235A27Q)\nH3C S7506E-V Chassis w/ fans (0235A27S)\n\nHSR6800\n HSR6800_5.20.R3303P10\nHSR6800_5.20.R3303P10-US\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6800 Russian Version\n HSR6800_5.20.R3303P10.RU\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6602\n HSR6602_5.20.R3303P10\nHSR6602_5.20.R3303P10-US\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\nHSR6602 Russian Version\n HSR6602_5.20.R3303P10.RU\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\n6602.0\n 6602_5.20.R3303P10\n6602_5.20.R3303P10-US\n JC176A HP 6602 Router Chassis\n H3C SR6602 1U Router Host (0235A27D)\n\n6602 Russian Version\n 6602_5.20.R3303P10.RU\n JC176A HP 6602 Router Chassis\n H3C SR6602 1U Router Host (0235A27D)\n\nA6600\n 6600.RPE_5.20.R3303P10\n6600.RSE_5.20.R3303P10\n6600.RPE_5.20.R3303P10-US\n6600.RSE_5.20.R3303P10-US\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\nA6600 Russian Version\n 6600.RPE_5.20.R3303P10.RU\n6600.RSE_5.20.R3303P10.RU\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP\n HSR6602_5.20.R3303P10\nHSR6602_5.20.R3303P10-US\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP Russian Version\n HSR6602_5.20.R3303P10.RU\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU\nJG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n5920 Switch Series\n 5900AF-5920AF_7.10.R2311P01\n5900AF-5920AF_7.10.R2311P01-US\n JG296A HP 5920AF-24XG Switch\nJG555A HP 5920AF-24XG TAA Switch\n\n5900 Switch Series\n 5900AF-5920AF_7.10.R2311P01\n5900AF-5920AF_7.10.R2311P01-US\n JC772A HP 5900AF-48XG-4QSFP+ Switch\nJG336A HP 5900AF-48XGT-4QSFP+ Switch\nJG510A HP 5900AF-48G-4XG-2QSFP+ Switch\nJG554A HP 5900AF-48XG-4QSFP+ TAA Switch\nJG838A HP FF 5900CP-48XG-4QSFP+ Switch\n\n5830 Switch Series\n 5830_5.20.R1118P09\n5830_5.20.R1118P09-US\n JC691A HP A5830AF-48G Switch w/1 Interface Slot\nJC694A HP A5830AF-96G Switch\nJG316A HP 5830AF-48G TAA Switch w/1 Intf Slot\nJG374A HP 5830AF-96G TAA Switch\n\n5820 Switch Series\n 5800-5820X_5.20.R1808P25\n5800-5820X_5.20.R1808P27-US\n JC102A HP 5820-24XG-SFP+ Switch\nJC106A HP 5820-14XG-SFP+ Switch with 2 Slots\nJG219A HP 5820AF-24XG Switch\nJG243A HP 5820-24XG-SFP+ TAA-compliant Switch\nJG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots\n H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media\nmodules Plus OSM (0235A37L)\nH3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T\n(RJ45) (0235A370)\n\n5800 Switch Series\n 5800-5820X_5.20.R1808P25\n5800-5820X_5.20.R1808P27-US\n JC099A HP 5800-24G-PoE Switch\nJC100A HP 5800-24G Switch\nJC101A HP 5800-48G Switch with 2 Slots\nJC103A HP 5800-24G-SFP Switch\nJC104A HP 5800-48G-PoE Switch\nJC105A HP 5800-48G Switch\nJG225A HP 5800AF-48G Switch\nJG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots\nJG254A HP 5800-24G-PoE+ TAA-compliant Switch\nJG255A HP 5800-24G TAA-compliant Switch\nJG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt\nJG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot\nJG258A HP 5800-48G TAA Switch w 1 Intf Slot\n H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot\n(0235A36U)\nH3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X\n(SFP Plus ) Plus 1 media module PoE (0235A36S)\nH3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus\nmedia module (no power) (0235A374)\nH3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus\n) Plus media module (0235A379)\nH3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module\n(0235A378)\nH3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM\n(0235A36W)\n\n5500 HI Switch Series\n 5500.HI_5.20.R5501P02\n5500.HI_5.20.R5501P02-US\n JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch\nJG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch\nJG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt\nJG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt\nJG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt\nJG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt\nJG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt\nJG681A HP 5500-24G-SFP HI TAA Swch w/2Slt\n\n5500 EI Switch Series\n 5500.EI-4800G_5.20.R2221P05\n5500.EI-4800G_5.20.R2221P04-US\n JD373A HP 5500-24G DC EI Switch\nJD374A HP 5500-24G-SFP EI Switch\nJD375A HP 5500-48G EI Switch\nJD376A HP 5500-48G-PoE EI Switch\nJD377A HP 5500-24G EI Switch\nJD378A HP 5500-24G-PoE EI Switch\nJD379A HP 5500-24G-SFP DC EI Switch\nJG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts\nJG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts\nJG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts\nJG250A HP 5500-24G EI TAA Switch w 2 Intf Slts\nJG251A HP 5500-48G EI TAA Switch w 2 Intf Slts\nJG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts\nJG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts\n H3C S5500-28C-EI Ethernet Switch (0235A253)\nH3C S5500-28F-EI Eth Switch AC Single (0235A24U)\nH3C S5500-52C-EI Ethernet Switch (0235A24X)\nH3C S5500-28C-EI-DC Ethernet Switch (0235A24S)\nH3C S5500-28C-PWR-EI Ethernet Switch (0235A255)\nH3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259)\nH3C S5500-52C-PWR-EI Ethernet Switch (0235A251)\n\n5500 SI Switch Series\n 5500.SI_5.20.R2221P04\n JD369A HP 5500-24G SI Switch\nJD370A HP 5500-48G SI Switch\nJD371A HP 5500-24G-PoE SI Switch\nJD372A HP 5500-48G-PoE SI Switch\nJG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts\nJG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts\n H3C S5500-28C-SI Ethernet Switch (0235A04U)\nH3C S5500-52C-SI Ethernet Switch (0235A04V)\nH3C S5500-28C-PWR-SI Ethernet Switch (0235A05H)\nH3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)\n\n5120 EI Switch Series\n 5120.EI-4210G-4510G_5.20.R2221P04\n5120.EI-4210G-4510G_5.20.R2221P04-US\n JE066A HP 5120-24G EI Switch\nJE067A HP 5120-48G EI Switch\nJE068A HP 5120-24G EI Switch with 2 Slots\nJE069A HP 5120-48G EI Switch with 2 Slots\nJE070A HP 5120-24G-PoE EI Switch with 2 Slots\nJE071A HP 5120-48G-PoE EI Switch with 2 Slots\nJG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts\nJG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts\nJG245A HP 5120-24G EI TAA Switch w 2 Intf Slts\nJG246A HP 5120-48G EI TAA Switch w 2 Intf Slts\nJG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts\nJG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts\n H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ)\nH3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS)\nH3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR)\nH3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT)\nH3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU)\nH3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)\n\n5120 SI switch Series\n 5120.SI_5.20.R1513P86\n JE072A HP 5120-48G SI Switch\nJE073A HP 5120-16G SI Switch\nJE074A HP 5120-24G SI Switch\nJG091A HP 5120-24G-PoE+ (370W) SI Switch\nJG092A HP 5120-24G-PoE+ (170W) SI Switch\n H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W)\nH3C S5120-20P-SI L2\n16GE Plus 4SFP (0235A42B)\nH3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D)\nH3C S5120-28P-HPWR-SI (0235A0E5)\nH3C S5120-28P-PWR-SI (0235A0E3)\n\n4800 G Switch Series\n 5500.EI-4800G_5.20.R2221P05\n5500.EI-4800G_5.20.R2221P04-US\n JD007A HP 4800-24G Switch\nJD008A HP 4800-24G-PoE Switch\nJD009A HP 4800-24G-SFP Switch\nJD010A HP 4800-48G Switch\nJD011A HP 4800-48G-PoE Switch\n\n 3Com Switch 4800G 24-Port (3CRS48G-24-91)\n3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91)\n3Com Switch 4800G 48-Port (3CRS48G-48-91)\n3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91)\n3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)\n\n4510G Switch Series\n 5500.EI-4800G_5.20.R2221P05\n5500.EI-4800G_5.20.R2221P04-US\n JF428A HP 4510-48G Switch\nJF847A HP 4510-24G Switch\n\n 3Com Switch 4510G 48 Port (3CRS45G-48-91)\n3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91)\n3Com Switch E4510-24G (3CRS45G-24-91)\n\n4210G Switch Series\n 5120.EI-4210G-4510G_5.20.R2221P04\n5120.EI-4210G-4510G_5.20.R2221P04-US\n JF844A HP 4210-24G Switch\nJF845A HP 4210-48G Switch\nJF846A HP 4210-24G-PoE Switch\n\n 3Com Switch 4210-24G (3CRS42G-24-91)\n3Com Switch 4210-48G (3CRS42G-48-91)\n3Com Switch E4210-24G-PoE (3CRS42G-24P-91)\n\n3610 Switch Series\n S3610-5510_5.20.R5319P08\n JD335A HP 3610-48 Switch\nJD336A HP 3610-24-4G-SFP Switch\nJD337A HP 3610-24-2G-2G-SFP Switch\nJD338A HP 3610-24-SFP Switch\n H3C S3610-52P - model LS-3610-52P-OVS (0235A22C)\nH3C S3610-28P - model LS-3610-28P-OVS (0235A22D)\nH3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E)\nH3C S3610-28F - model LS-3610-28F-OVS (0235A22F)\n\n3600 V2 Switch Series\n 3600V2_5.20.R2109P05\n JG299A HP 3600-24 v2 EI Switch\nJG300A HP 3600-48 v2 EI Switch\nJG301A HP 3600-24-PoE+ v2 EI Switch\nJG301B HP 3600-24-PoE+ v2 EI Switch\nJG302A HP 3600-48-PoE+ v2 EI Switch\nJG302B HP 3600-48-PoE+ v2 EI Switch\nJG303A HP 3600-24-SFP v2 EI Switch\nJG304A HP 3600-24 v2 SI Switch\nJG305A HP 3600-48 v2 SI Switch\nJG306A HP 3600-24-PoE+ v2 SI Switch\nJG306B HP 3600-24-PoE+ v2 SI Switch\nJG307A HP 3600-48-PoE+ v2 SI Switch\nJG307B HP 3600-48-PoE+ v2 SI Switch\n\n3100V2\n 3100V2_5.20.R5203P07\n JD313B HP 3100-24-PoE v2 EI Switch\nJD318B HP 3100-8 v2 EI Switch\nJD319B HP 3100-16 v2 EI Switch\nJD320B HP 3100-24 v2 EI Switch\nJG221A HP 3100-8 v2 SI Switch\nJG222A HP 3100-16 v2 SI Switch\nJG223A HP 3100-24 v2 SI Switch\n\n3100V2-48\n 3100V2.48_5.20.R2109P05\n JG315A HP 3100-48 v2 Switch\n\n1920.0\n 1920-48G-JG927A_5.20.R1104\n1920-8G-PoE-65W-JG921A_5.20.R1104\n1920-8G-JG920A_5.20.R1104\n1920-24G-PoE-370W-JG926A_5.20.R1104\n1920-24G-PoE-180W-JG925A_5.20.R1104\n1920-24G-JG924A_5.20.R1104\n1920-16G-JG923A_5.20.R1104\n1920-8G-PoE-180W-JG922A_5.20.R1104\n JG927A HP 1920-48G Switch\nJG921A HP 1920-8G-PoE+ (65W) Switch\nJG920A HP 1920-8G Switch\nJG926A HP 1920-24G-PoE+ (370W) Switch\nJG925A HP 1920-24G-PoE+ (180W) Switch\nJG924A HP 1920-24G Switch\nJG923A HP 1920-16G Switch\nJG922A HP 1920-8G-PoE+ (180W) Switch\n\n1910.0\n 1910-8-POE-JG537_5.20.R1106\n1910-48-JG540_5.20.R1106\n1910-24-JG538_5.20.R1106\n1910-24-POE-JG539_5.20.R1106\n1910-8-JG536_5.20.R1106\n JG537A HP 1910-8 -PoE+ Switch\nJG540A HP 1910-48 Switch\nJG538A HP 1910-24 Switch\nJG539A HP 1910-24-PoE+ Switch\nJG536A HP 1910-8 Switch\n\n1810v1 P2\n Fix in progress\nuse mitigations\n J9449A HP 1810-8G Switch\nJ9450A HP 1810-24G Switch\n\n1810v1 PK\n Fix in progress\nuse mitigations\n J9660A HP 1810-48G Switch\n\nMSR20\n MSR20.SI_5.20.R2513P02\n JD432A HP A-MSR20-21 Multi-Service Router\nJD662A HP MSR20-20 Multi-Service Router\nJD663A HP MSR20-21 Multi-Service Router\nJD663B HP MSR20-21 Router\nJD664A HP MSR20-40 Multi-Service Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\nH3C MSR 20-20 (0235A19H)\nH3C MSR 20-21 (0235A325)\nH3C MSR 20-40 (0235A19K)\nH3C MSR-20-21 Router (0235A19J)\n\nMSR20-1X\n MSR201X_5.20.R2513P02\n JD431A HP MSR20-10 Router\nJD667A HP MSR20-15 IW Multi-Service Router\nJD668A HP MSR20-13 Multi-Service Router\nJD669A HP MSR20-13 W Multi-Service Router\nJD670A HP MSR20-15 A Multi-Service Router\nJD671A HP MSR20-15 AW Multi-Service Router\nJD672A HP MSR20-15 I Multi-Service Router\nJD673A HP MSR20-11 Multi-Service Router\nJD674A HP MSR20-12 Multi-Service Router\nJD675A HP MSR20-12 W Multi-Service Router\nJD676A HP MSR20-12 T1 Multi-Service Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\nJG209A HP MSR20-12-T-W Router (NA)\nJG210A HP MSR20-13-W Router (NA)\n H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\nH3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-11 (0235A31V)\nH3C MSR 20-12 (0235A32E)\nH3C MSR 20-12 T1 (0235A32B)\nH3C MSR 20-13 (0235A31W)\nH3C MSR 20-13 W (0235A31X)\nH3C MSR 20-15 A (0235A31Q)\nH3C MSR 20-15 A W (0235A31R)\nH3C MSR 20-15 I (0235A31N)\nH3C MSR 20-15 IW (0235A31P)\nH3C MSR20-12 W (0235A32G)\n\nMSR30\n MSR30.SI_5.20.R2513P02\n JD654A HP MSR30-60 POE Multi-Service Router\nJD657A HP MSR30-40 Multi-Service Router\nJD658A HP MSR30-60 Multi-Service Router\nJD660A HP MSR30-20 POE Multi-Service Router\nJD661A HP MSR30-40 POE Multi-Service Router\nJD666A HP MSR30-20 Multi-Service Router\nJF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF232A HP RT-MSR3040-AC-OVS-AS-H3\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S)\nH3C MSR 30-20 (0235A19L)\nH3C MSR 30-20 POE (0235A239)\nH3C MSR 30-40 (0235A20J)\nH3C MSR 30-40 POE (0235A25R)\nH3C MSR 30-60 (0235A20K)\nH3C MSR 30-60 POE (0235A25S)\nH3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)\n\nMSR30-16\n MSR3016.SI_5.20.R2513P02\n JD659A HP MSR30-16 POE Multi-Service Router\nJD665A HP MSR30-16 Multi-Service Router\nJF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\nH3C MSR 30-16 (0235A237)\nH3C MSR 30-16 POE (0235A238)\n\nMSR30-1X\n MSR301X.SI_5.20.R2513P09\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\nH3C RT-MSR3011-AC-OVS-H3 (0235A29L)\n\nMSR50\n MSR50.SI_5.20.R2513P02\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\n\nMSR50-G2\n MSR50.EPUSI_5.20.R2513P02\n JD429A HP MSR50 G2 Processor Module\nJD429B HP MSR50 G2 Processor Module\n H3C H3C MSR 50 Processor Module-G2 (0231A84Q)\nH3C MSR 50 High Performance Main Processing Unit 3GE (Combo)\n256F/1GD(0231A0KL)\n\nMSR20 Russian version\n MSR20.SI_5.20.R2513L03.RU\n JD663B HP MSR20-21 Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\n\nMSR20-1X Russian version\n MSR201X_5.20.R2513L03.RU\n JD431A HP MSR20-10 Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\n H3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\n\nMSR30 Russian version\n MSR30.SI_5.20.R2513L03.RU\n JF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\n\nMSR30-16 Russian version\n MSR3016.SI_5.20.R2513L03.RU\n JF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\n\nMSR30-1X Russian version\n MSR301X.SI_5.20.R2513L03.RU\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C RT-MSR3011-AC-OVS-H3 (0235A29L)\nH3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\n\nMSR50 Russian version\n MSR50.SI_5.20.R2513L03.RU\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR 50 Processor Module (0231A791)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\n\nMSR50 G2 Russian version\n MSR50.EPUSI_5.20.R2513L03.RU\n JD429B HP MSR50 G2 Processor Module\n H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD\n(0231A0KL)\n\nMSR9XX\n MSR9XX_5.20.R2513P02\n JF812A HP MSR900 Router\nJF813A HP MSR920 Router\nJF814A HP MSR900-W Router\nJF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr\nJG207A HP MSR900-W Router (NA)\nJG208A HP MSR920-W Router (NA)\n H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b\n(0235A0C2)\nH3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX)\nH3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)\nH3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)\n\nMSR93X\n MSR93X_5.20.R2513P02\n JG511A HP MSR930 Router\nJG512A HP MSR930 Wireless Router\nJG513A HP MSR930 3G Router\nJG514A HP MSR931 Router\nJG515A HP MSR931 3G Router\nJG516A HP MSR933 Router\nJG517A HP MSR933 3G Router\nJG518A HP MSR935 Router\nJG519A HP MSR935 Wireless Router\nJG520A HP MSR935 3G Router\nJG531A HP MSR931 Dual 3G Router\nJG596A HP MSR930 4G LTE/3G CDMA Router\nJG597A HP MSR936 Wireless Router\nJG665A HP MSR930 4G LTE/3G WCDMA Global Router\nJG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n\nMSR1000\n MSR1000_5.20.R2513P02\n JG732A HP MSR1003-8 AC Router\n\nMSR1000 Russian version\n MSR1000_5.20.R2513L03-RU\n JG732A HP MSR1003-8 AC Router\n\nMSR2000\n MSR2000_7.10.R0106P02\n JG411A HP MSR2003 AC Router\n\nMSR3000\n MSR3000_7.10.R0106P02\n JG404A HP MSR3064 Router\nJG405A HP MSR3044 Router\nJG406A HP MSR3024 AC Router\nJG409A HP MSR3012 AC Router\nJG861A HP MSR3024 TAA-compliant AC Router\n\nMSR4000\n MSR4000_7.10.R0106P02\n JG402A HP MSR4080 Router Chassis\nJG403A HP MSR4060 Router Chassis\nJG412A HP MSR4000 MPU-100 Main Processing Unit\n\nF5000\n SECPATH5000FA_5.20.F3210P20\n JG216A HP F5000 Firewall Standalone Chassis\nJD259A HP A5000-A5 VPN Firewall Chassis\n H3C SecPath F5000-A5 Host System (0150A0AG)\n\nF5000 C\n F5000C_5.20.R3811\n JG650A HP F5000-C VPN Firewall Appliance\n\nF5000 S\n F5000S_5.20.R3811\n JG370A HP F5000-S VPN Firewall Appliance\n\nU200S and CS\n U200S_U200CS_5.20.F5123P27\n JD268A HP 200-CS UTM Appliance\nJD273A HP U200-S UTM Appliance\n H3C SecPath U200-S (0235A36N)\n\nU200A and M\n U200A_U200M_5.20.F5123P27\n JD274A HP 200-M UTM Appliance\nJD275A HP U200-A UTM Appliance\n H3C SecPath U200-A (0235A36Q)\n\nF1000A and S\n AF1000S.EI_3.40.R3734\n JD270A HP S1000-S VPN Firewall Appliance\nJD271A HP S1000-A VPN Firewall Appliance\nJG213A HP F1000-S-EI VPN Firewall Appliance\nJG214A HP F1000-A-EI VPN Firewall Appliance\n\nSecBlade III\n SECBLADEIII.FW_5.20.R3820\n JG371A HP 12500 20Gbps VPN Firewall Module\nJG372A HP 10500/11900/7500 20Gbps VPN FW Mod\n\nSecBlade FW\n SECBLADE2-FW_5.20.R3181\n JC635A HP 12500 VPN Firewall Module\nJD245A HP 9500 VPN Firewall Module\nJD249A HP 10500/7500 Advanced VPN Firewall Mod\nJD250A HP 6600 Firewall Processing Rtr Module\nJD251A HP 8800 Firewall Processing Module\nJD255A HP 5820 VPN Firewall Module\n H3C S9500E SecBlade VPN Firewall Module (0231A0AV)\nH3C S7500E SecBlade VPN Firewall Module (0231A832)\nH3C SR66 Gigabit Firewall Module (0231A88A)\nH3C SR88 Firewall Processing Module (0231A88L)\nH3C S5820 SecBlade VPN Firewall Module (0231A94J)\n\nF1000E\n SECPATH1000FE_5.20.R3181\n JD272A HP S1000-E VPN Firewall Appliance\n\nVSR1000\n VSR1000_7.10.R0203\n JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software\nJG811AAE HP VSR1001 Comware 7 Virtual Services Router\nJG812AAE HP VSR1004 Comware 7 Virtual Services Router\nJG813AAE HP VSR1008 Comware 7 Virtual Services Router\n\nWX5002/5004\n WX5002-WX5004_5.20.R2507P26\n JD441A HP 5800 ACM for 64-256 APs\nJD447B HP WX5002 Access Controller\nJD448A HP A-WX5004 Access Controller\nJD448B HP WX5004 Access Controller\nJD469A HP A-WX5004 (3Com) Access Controller\nJG261A HP 5800 Access Controller OAA TAA Mod\n\nHP 850/870\n 850-870_5.20.R2607P26\n JG723A HP 870 Unified Wired-WLAN Appliance\nJG725A HP 870 Unifd Wrd-WLAN TAA Applnc\nJG722A HP 850 Unified Wired-WLAN Appliance\nJG724A HP 850 Unifd Wrd-WLAN TAA Applnc\n\nHP 830\n 830_5.20.R3507P26\n JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch\nJG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch\nJG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch\nJG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch\n\nHP 6000\n 6000_5.20.R2507P27\n JG639A HP 10500/7500 20G Unified Wired-WLAN Mod\nJG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod\n\nM220\n Fix in progress\nuse mitigations\n J9798A HP M220 802.11n AM Access Point\nJ9799A HP M220 802.11n WW Access Point\n\nNGFW\n The Software Downloads and software release notes for your NGFW Appliance(s)\ncan be acquired with a valid support contract by accessing the Threat\nManagement Center (TMC). In your web browser\nopen https://tmc.tippingpoint.com. \n JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic\nJC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic\nJC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic\nJC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic\nJC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic\n\niMC UAM 7.x\n5.x\n iMC UAM 7.0 (E0203P04)\n JD144A HP IMC UAM S/W Module w/200-User License\nJF388A HP IMC UAM S/W Module w/200-user License\nJD435A HP IMC EAD Client Software\nJF388AAE HP IMC UAM S/W Module w/200-user E-LTU\nJG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU\n\niMC EAD 7.x\n5.x\n iMC EAD v7.1 (E0301)\n JF391AAE HP IMC EAD S/W Module w/200-user E-LTU\nJG754AAE HP IMC EAD SW Module w/ 50-user E-LTU\nJD147A HP IMC Endpoint Admission Defense Software Module with 200-user\nLicense\nJF391A HP IMC EAD S/W Module w/200-user License\n\nHISTORY\nVersion:1 (rev.1) - 20 June 2014 Initial release\nVersion:2 (rev.2) - 20 November 2014 Removed iMC Platform Products, 5900\nvirtual switch, and Router 8800 products. Further analysis revealed that\nthose products as not vulnerable. Added additional products. \n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.19 (GNU/Linux)\n\niEYEARECAAYFAlRuJqYACgkQ4B86/C0qfVkBZwCg+M/bssV0KI2Nfe2delq1N6KO\n2ZUAoKT/5gXpIsdJb4Jyh8GVclzk70rZ\n=9QSF\n-----END PGP SIGNATURE-----\n. OpenSSL Security Advisory [05 Jun 2014]\n========================================\n\nSSL/TLS MITM vulnerability (CVE-2014-0224)\n===========================================\n\nAn attacker using a carefully crafted handshake can force the use of weak\nkeying material in OpenSSL SSL/TLS clients and servers. This can be exploited\nby a Man-in-the-middle (MITM) attack where the attacker can decrypt and \nmodify traffic from the attacked client and server. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. OpenSSL clients are vulnerable in all versions of OpenSSL. Users\nof OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. \n\nOpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. \nOpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. \nOpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOnly applications using OpenSSL as a DTLS client are affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nDTLS invalid fragment vulnerability (CVE-2014-0195)\n====================================================\n\nA buffer overrun attack can be triggered by sending invalid DTLS fragments\nto an OpenSSL DTLS client or server. This is potentially exploitable to\nrun arbitrary code on a vulnerable client or server. \n\nOnly applications using OpenSSL as a DTLS client or server affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \n\nSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n===============================================================================\n \nA race condition in the ssl3_read_bytes function can allow remote\nattackers to inject data across sessions or cause a denial of service. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nAnonymous ECDH denial of service (CVE-2014-3470)\n================================================\n\nOpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a\ndenial of service attack. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Storage Server 2.1 - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Package List:\n\nRed Hat Storage Server 2.1:\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0198"
},
{
"db": "BID",
"id": "67193"
},
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "PACKETSTORM",
"id": "126710"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "126532"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126930"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0198",
"trust": 3.2
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 2.0
},
{
"db": "BID",
"id": "67193",
"trust": 2.0
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59284",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60049",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60066",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58667",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59374",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59529",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59398",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59202",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59190",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59282",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59163",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59525",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-234763",
"trust": 1.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10643",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0198",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126710",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126532",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127326",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129218",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126930",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "BID",
"id": "67193"
},
{
"db": "PACKETSTORM",
"id": "126710"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "126532"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"id": "VAR-201405-0244",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.416493127826087
},
"last_update_date": "2024-07-23T22:12:00.239000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ssl-s3_pkt.c",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49771"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/10/fireeye_patches_os_torpedo_exploitdb_disclosure/"
},
{
"title": "Debian Security Advisories: DSA-2931-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=828d990b615b0dfea284a3530e6fe590"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2192-1"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0198 Null pointer dereference bug in OpenSSL 1.0.1g and earlier",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=94b6140bb563b66b3bcd98992e854bf3"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b92b65104373bc8476811ff1b99cd369"
},
{
"title": "Red Hat: CVE-2014-0198",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0198"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 2.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 2.0,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 2.0,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html"
},
{
"trust": 2.0,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 2.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 2.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 2.0,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.8,
"url": "http://advisories.mageia.org/mgasa-2014-0204.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1093837"
},
{
"trust": 1.7,
"url": "http://www.openbsd.org/errata55.html#005_openssl"
},
{
"trust": 1.7,
"url": "https://rt.openssl.org/ticket/display.html?user=guest\u0026pass=guest\u0026id=3321"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2014/dsa-2931"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html"
},
{
"trust": 1.7,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.7,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60049"
},
{
"trust": 1.7,
"url": "http://puppetlabs.com/security/cve/cve-2014-0198"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60066"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.7,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/67193"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:080"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.7,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59529"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59525"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59398"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59374"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59284"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59282"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59202"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59190"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59163"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58667"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0198_buffer_errors"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29217"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://www.cerberusftp.com/products/releasenotes.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10643\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://anoncvs.estpak.ee/cgi-bin/cgit/openbsd-src/commit/lib/libssl?id=e76e308f1fab2253ab5b4ef52a1865c5ffecdf21"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/may/67"
},
{
"trust": 0.3,
"url": "http://ftp.openbsd.org/pub/openbsd/patches/5.5/common/005_openssl.patch.sig"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368264"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347622"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004830"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-2931"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2192-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34106"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-f6c141a7feeb4a358bbb28300f"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/products/service_pack/hpsu"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2077359"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/patchmgr/download.portal"
},
{
"trust": 0.1,
"url": "https://tmc.tippingpoint.com."
},
{
"trust": 0.1,
"url": "http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid="
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8208c3987b1b4a5093f3e8fcc3"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906703"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0628.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "BID",
"id": "67193"
},
{
"db": "PACKETSTORM",
"id": "126710"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "126532"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"db": "BID",
"id": "67193"
},
{
"db": "PACKETSTORM",
"id": "126710"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "126532"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "129218"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"date": "2014-05-02T00:00:00",
"db": "BID",
"id": "67193"
},
{
"date": "2014-05-19T17:01:19",
"db": "PACKETSTORM",
"id": "126710"
},
{
"date": "2014-06-25T21:32:38",
"db": "PACKETSTORM",
"id": "127213"
},
{
"date": "2014-05-08T17:00:26",
"db": "PACKETSTORM",
"id": "126532"
},
{
"date": "2014-08-08T21:53:16",
"db": "PACKETSTORM",
"id": "127807"
},
{
"date": "2014-07-28T20:36:25",
"db": "PACKETSTORM",
"id": "127630"
},
{
"date": "2017-01-25T21:54:44",
"db": "PACKETSTORM",
"id": "140720"
},
{
"date": "2014-07-02T21:43:37",
"db": "PACKETSTORM",
"id": "127326"
},
{
"date": "2014-06-11T23:18:46",
"db": "PACKETSTORM",
"id": "127045"
},
{
"date": "2014-11-21T18:56:39",
"db": "PACKETSTORM",
"id": "129218"
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961"
},
{
"date": "2014-06-27T18:43:23",
"db": "PACKETSTORM",
"id": "127265"
},
{
"date": "2014-06-05T15:19:35",
"db": "PACKETSTORM",
"id": "126930"
},
{
"date": "2014-05-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"date": "2014-05-06T10:44:05.470000",
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0198"
},
{
"date": "2017-05-23T16:24:00",
"db": "BID",
"id": "67193"
},
{
"date": "2022-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-057"
},
{
"date": "2022-08-29T20:50:31.340000",
"db": "NVD",
"id": "CVE-2014-0198"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL \u2018 do_ssl3_write \u2018Function buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-057"
}
],
"trust": 0.6
}
}
VAR-201609-0595
Vulnerability from variot - Updated: 2024-07-23 22:06The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. ( Out-of-bounds writes and application crashes ) There are vulnerabilities that are subject to unspecified impact, such as being put into a state. Supplementary information : CWE Vulnerability type by CWE-787: Out-of-bounds Write ( Out-of-bounds writing ) Has been identified. http://cwe.mitre.org/data/definitions/787.htmlService disruption by a third party ( Out-of-bounds writes and application crashes ) There is a possibility of being affected unspecified, such as being in a state. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to crash the affected application, resulting in denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-2178)
-
It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)
-
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. (CVE-2016-2182)
-
A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.
-
An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. (CVE-2016-6302)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
After installing the updated packages, the httpd daemon will be restarted automatically. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
CVE-2016-2178
Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
leak in the DSA code.
CVE-2016-2179 / CVE-2016-2181
Quan Luo and the OCAP audit team discovered denial of service
vulnerabilities in DTLS.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.
For the unstable distribution (sid), these problems will be fixed soon. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.
We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38
After a standard system update you need to reboot your computer to make all the necessary changes. Description:
This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
JBCS-373 - Errata for httpd 2.4.29 GA RHEL 7
-
OpenSSL Security Advisory [22 Sep 2016]
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Severity: High
A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_peek() hang on empty record (CVE-2016-6305)
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner: "p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS message).
The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.
For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0595",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "3.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "icewall federation agent",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "3.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "icewall federation agent",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "icewall mcrp",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "certd"
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "dfw"
},
{
"model": "icewall sso agent option",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "(linux edition )"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v8.2 to v9.4"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v8.5"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "cosminexus http server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "application server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "application server for developers",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base(64)"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.15"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.14"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.13"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.9"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.8"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.5"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.33"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.32"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.31"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.11"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.10"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.2.0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.3.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.8"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.6"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.1"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.3.0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "pixel xl",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel c",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pixel",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus player",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7(2013)"
},
{
"model": "nexus 6p",
"scope": null,
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5x"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.2"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.4"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3.1"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.5"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.11"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
}
],
"sources": [
{
"db": "BID",
"id": "92557"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "148524"
}
],
"trust": 0.4
},
"cve": "CVE-2016-2182",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2182",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-2182",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2182",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2016-2182",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2182"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. ( Out-of-bounds writes and application crashes ) There are vulnerabilities that are subject to unspecified impact, such as being put into a state. Supplementary information : CWE Vulnerability type by CWE-787: Out-of-bounds Write ( Out-of-bounds writing ) Has been identified. http://cwe.mitre.org/data/definitions/787.htmlService disruption by a third party ( Out-of-bounds writes and application crashes ) There is a possibility of being affected unspecified, such as being in a state. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the affected application, resulting in denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:1940-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date: 2016-09-27\nCVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). \n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. Additional information can be found at\n https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ \n\nCVE-2016-2178\n\n Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n leak in the DSA code. \n\nCVE-2016-2179 / CVE-2016-2181\n\n Quan Luo and the OCAP audit team discovered denial of service\n vulnerabilities in DTLS. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1t-1+deb8u4. \n\nFor the unstable distribution (sid), these problems will be fixed soon. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2181)\n Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. \n (CVE-2016-2183)\n Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. Description:\n\nThis release adds the new Apache HTTP Server 2.4.29 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer\nto the Release Notes for information on the most significant bug fixes,\nenhancements and component upgrades included in this release. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-373 - Errata for httpd 2.4.29 GA RHEL 7\n\n7. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2182"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"db": "BID",
"id": "92557"
},
{
"db": "VULMON",
"id": "CVE-2016-2182"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "169633"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2182",
"trust": 3.0
},
{
"db": "BID",
"id": "92557",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10171",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10215",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036688",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1037968",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.1
},
{
"db": "PULSESECURE",
"id": "SA40312",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004780",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2182",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148521",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148525",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138820",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138826",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148524",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169633",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2182"
},
{
"db": "BID",
"id": "92557"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"id": "VAR-201609-0595",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.39427244733333333
},
"last_update_date": "2024-07-23T22:06:46.651000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "hitachi-sec-2017-102",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-102/index.html"
},
{
"title": "HPSBGN03658",
"trust": 0.8,
"url": "https://h20565.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05302448"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "SB10171",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10171"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Check for errors in BN_bn2dec()",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=07bed46f332fce8c1d157689a2cdf915a982ae34"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Linux Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "TLSA-2016-28",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-28j.html"
},
{
"title": "hitachi-sec-2017-102",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2017-102/index.html"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182185 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182187 - security advisory"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20161940 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182186 - security advisory"
},
{
"title": "Red Hat: CVE-2016-2182",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2182"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-2182"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-2"
},
{
"title": "Amazon Linux AMI: ALAS-2016-755",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-755"
},
{
"title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-23"
},
{
"title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-24"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014March 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=65d776aaa82a91341631d2aa61736067"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05\nSummary",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "hackerone-publicy-disclosed",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "OpenSSL-CVE-lib",
"trust": 0.1,
"url": "https://github.com/chnzzh/openssl-cve-lib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2182"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 1.4,
"url": "https://source.android.com/security/bulletin/2017-03-01.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.3,
"url": "http://www.ubuntu.com/usn/usn-3087-1"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/92557"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-3087-2"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2185"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2186"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2187"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"trust": 1.1,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"trust": 1.1,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10171"
},
{
"trust": 1.1,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1037968"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036688"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2017/jul/31"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3673"
},
{
"trust": 1.1,
"url": "https://source.android.com/security/bulletin/2017-03-01"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215"
},
{
"trust": 1.1,
"url": "https://support.f5.com/csp/article/k01276005"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=07bed46f332fce8c1d157689a2cdf915a982ae34"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2182"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2182"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-6306"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2182"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-6302"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367340"
},
{
"trust": 0.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3731"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7055"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3738"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3731"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3737"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3738"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3732"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-7055"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3737"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3736"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3736"
},
{
"trust": 0.2,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=48600"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3087-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2180"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2181"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2179"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1626883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://sweet32.info)"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2182"
},
{
"db": "BID",
"id": "92557"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2182"
},
{
"db": "BID",
"id": "92557"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2182"
},
{
"date": "2016-08-16T00:00:00",
"db": "BID",
"id": "92557"
},
{
"date": "2016-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"date": "2016-09-27T19:32:00",
"db": "PACKETSTORM",
"id": "138870"
},
{
"date": "2018-07-12T21:45:18",
"db": "PACKETSTORM",
"id": "148521"
},
{
"date": "2018-07-12T21:48:57",
"db": "PACKETSTORM",
"id": "148525"
},
{
"date": "2016-09-22T22:22:00",
"db": "PACKETSTORM",
"id": "138817"
},
{
"date": "2016-09-22T22:25:00",
"db": "PACKETSTORM",
"id": "138820"
},
{
"date": "2016-09-23T19:19:00",
"db": "PACKETSTORM",
"id": "138826"
},
{
"date": "2018-07-12T21:48:49",
"db": "PACKETSTORM",
"id": "148524"
},
{
"date": "2016-09-22T12:12:12",
"db": "PACKETSTORM",
"id": "169633"
},
{
"date": "2016-09-16T05:59:02.627000",
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2182"
},
{
"date": "2018-02-05T15:00:00",
"db": "BID",
"id": "92557"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004780"
},
{
"date": "2023-11-07T02:31:01.797000",
"db": "NVD",
"id": "CVE-2016-2182"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "148524"
}
],
"trust": 0.5
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of crypto/bn/bn_print.c of BN_bn2dec Service disruption in functionality (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004780"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "92557"
}
],
"trust": 0.3
}
}
VAR-201609-0593
Vulnerability from variot - Updated: 2024-07-23 22:01Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References. (CVE-2016-6304)
-
It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. (CVE-2016-0736)
-
It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. (CVE-2016-8610)
-
It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)
-
A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash. After installing the updated packages, the httpd daemon will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/):
1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth 1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS 1401528 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2 1406744 - CVE-2016-0736 httpd: Padding Oracle in Apache mod_session_crypto 1406753 - CVE-2016-2161 httpd: DoS vulnerability in mod_auth_digest 1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects 1412120 - CVE-2016-7056 openssl: ECDSA P-256 timing attack key recovery
- JIRA issues fixed (https://issues.jboss.org/):
JBCS-319 - Errata for httpd 2.4.23 SP1 RHEL 7
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. The updates are documented in the Release Notes document linked to in the References. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)
- A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. Solution:
Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. (CVE-2016-2178)
-
It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)
-
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. (CVE-2016-2182)
-
A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.
-
An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. (CVE-2016-6302)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
The References section of this erratum contains a download link (you must log in to download the update). Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
CVE-2016-2178
Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
leak in the DSA code.
CVE-2016-2179 / CVE-2016-2181
Quan Luo and the OCAP audit team discovered denial of service
vulnerabilities in DTLS.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.
For the unstable distribution (sid), these problems will be fixed soon. The JBoss server process must be restarted for the update to take effect. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.
We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38
After a standard system update you need to reboot your computer to make all the necessary changes. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_peek() hang on empty record (CVE-2016-6305)
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner: "p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS message).
The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.
For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0593",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.16"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.47"
},
{
"model": "suse linux enterprise module for web scripting",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.4"
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v8.5"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2i"
},
{
"model": "linux enterprise module for web scripting",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "ucosminexus service platform",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0 to v8.1"
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cosminexus http server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux edition )"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "node.js",
"scope": null,
"trust": 0.8,
"vendor": "node js",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.1.0a"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fujitsu m10-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2280"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.34"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2.0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "fujitsu m10-4 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2271"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.22"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0.3"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.16"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"model": "communications session border controller scz7.4.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.8"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.29"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3.1"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.10"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.20"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.3"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.23"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.20"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0.3"
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.21"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.6"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.12"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"model": "identifi wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "10.11"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.5"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.24"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.22"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.20"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.0"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "9"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "10.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.12"
},
{
"model": "fujitsu m12-2 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3000"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "10.2"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.2"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "10"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.2"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.8"
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.12"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.14"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"model": "communications session border controller scz7.3.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.2"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "12"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.1.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1.4"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "fujitsu m12-2s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2290"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.44"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.0"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.30"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "jboss web server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.26"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.19"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.4"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "11.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.24"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "infinity",
"scope": "ne",
"trust": 0.3,
"vendor": "pexip",
"version": "13"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.16"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.4"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.6"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.3"
},
{
"model": "project openssl 1.0.2i",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "bigfix remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.12"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fujitsu m10-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2320"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.34"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "project openssl 1.0.2h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fujitsu m10-4s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2271"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.1"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1.0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.19"
},
{
"model": "fujitsu m12-2 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2320"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.17"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.18"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.0.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.14"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "purview appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0.3"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.43"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.0.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.1.0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.6"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.18"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.5.0"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.16"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.4"
},
{
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.26"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.14"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3.0.179"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.35"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.11"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.1.1049"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.36"
},
{
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.8"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "bigfix remote control",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fujitsu m10-4s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2320"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.22"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.30"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.9"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.19"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.10"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.1"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.6"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.4.0"
},
{
"model": "identifi wireless",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "10.21"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2.2"
},
{
"model": "project openssl 1.0.1t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.15"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.24"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.12"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.3"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.4"
},
{
"model": "fujitsu m10-4 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.27"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3.0.179"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.2.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.20"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.14"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.6"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.3.0"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.26"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.8"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "fujitsu m10-4 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2290"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.0.1"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "11"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.7.0.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.31"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.8"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.19"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "fujitsu m10-4 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2280"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.27"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fujitsu m12-2s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.1"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.10"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.16"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.11"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.8"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "fujitsu m12-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sonas",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.14"
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "fujitsu m10-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2271"
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.8"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.8"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.18"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.36"
},
{
"model": "fujitsu m12-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2290"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "communications session border controller scz7.2.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "purview appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.4.7895"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.20"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "5.0"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "communications eagle lnp application processor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.24"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.6.0.0"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "purview appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.1"
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.11"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.34"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "purview appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.18"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.26"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "9.1"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "jboss core services on rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "70"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.18"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.1"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.6"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "4.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.32"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "macos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1.1"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.15"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.35"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "fujitsu m12-2s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3000"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.0"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.30"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "fujitsu m12-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3000"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.21"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "5.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.34"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4.1102"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.32"
},
{
"model": "access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.3.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0"
},
{
"model": "fujitsu m10-4s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.38"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.35"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.21"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.22"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.12"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.4"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.4"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.0"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "identifi wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "10.11.1"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.3.7856"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.12"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.9"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.5"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "fujitsu m10-4s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2290"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.0.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "7"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.1"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "4"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.2.0"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tealeaf customer experience on cloud network capture add-on",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.1.01"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"model": "project openssl 1.1.0a",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "fujitsu m10-4 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2320"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "fujitsu m10-4s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2280"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.6.0"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "12.2"
},
{
"model": "jboss core services on rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "60"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.10"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.18"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.3.0.1098"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "5.0"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1121"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.2"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "purview appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.10"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.4"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "fujitsu m12-2s server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2320"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.2.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.2"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "nac appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0.6"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "project openssl 1.0.1u",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.14"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fujitsu m12-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2320"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.2"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "12.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "netsight appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0.6"
},
{
"model": "communications eagle lnp application processor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.0.0"
},
{
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.1"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.16"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.8"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.2"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.2"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.28"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.7"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.33"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.14"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fujitsu m10-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.36"
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "5.1"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.42"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.25"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "fujitsu m12-2 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2230"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "fujitsu m10-1 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2290"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.35"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.5"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.2"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "6"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"model": "fujitsu m12-2 server xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2290"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.13"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0.10"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "93150"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-579"
},
{
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.12.16",
"versionStartIncluding": "0.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.10.47",
"versionStartIncluding": "0.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.7.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.6.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "142849"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "139769"
},
{
"db": "PACKETSTORM",
"id": "143181"
}
],
"trust": 0.7
},
"cve": "CVE-2016-6304",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6304",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6304",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6304",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-579",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-6304",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6304"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-579"
},
{
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to cause a denial-of-service condition. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23\nService Pack 1 serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes, which are documented in\nthe Release Notes document linked to in the References. (CVE-2016-6304)\n\n* It was discovered that the mod_session_crypto module of httpd did not use\nany mechanisms to verify integrity of the encrypted session data stored in\nthe user\u0027s browser. (CVE-2016-0736)\n\n* It was discovered that the mod_auth_digest module of httpd did not\nproperly check for memory allocation failures. \n(CVE-2016-8610)\n\n* It was discovered that the HTTP parser in httpd incorrectly allowed\ncertain characters not permitted by the HTTP protocol specification to\nappear unencoded in HTTP request headers. If httpd was used in conjunction\nwith a proxy or backend server that interpreted those characters\ndifferently, a remote attacker could possibly use this flaw to inject data\ninto HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)\n\n* A vulnerability was found in httpd\u0027s handling of the LimitRequestFields\ndirective in mod_http2, affecting servers with HTTP/2 enabled. An attacker\ncould send crafted requests with headers larger than the server\u0027s available\nmemory, causing httpd to crash. After installing the updated\npackages, the httpd daemon will be restarted automatically. Bugs fixed (https://bugzilla.redhat.com/):\n\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS\n1401528 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2\n1406744 - CVE-2016-0736 httpd: Padding Oracle in Apache mod_session_crypto\n1406753 - CVE-2016-2161 httpd: DoS vulnerability in mod_auth_digest\n1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects\n1412120 - CVE-2016-7056 openssl: ECDSA P-256 timing attack key recovery\n\n6. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-319 - Errata for httpd 2.4.23 SP1 RHEL 7\n\n7. \n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies. The updates are documented in the Release Notes document\nlinked to in the References. If sendfile processing completed quickly, it was\npossible for the Processor to be added to the processor cache twice. This\ncould lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s\nDefaultServlet implementation. A crafted HTTP request could cause undesired\nside effects, possibly including the removal or replacement of the custom\nerror page. Solution:\n\nBefore applying the update, back up your existing Red Hat JBoss Web Server\ninstallation (including all applications and configuration files). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:1940-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date: 2016-09-27\nCVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Additional information can be found at\n https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ \n\nCVE-2016-2178\n\n Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n leak in the DSA code. \n\nCVE-2016-2179 / CVE-2016-2181\n\n Quan Luo and the OCAP audit team discovered denial of service\n vulnerabilities in DTLS. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1t-1+deb8u4. \n\nFor the unstable distribution (sid), these problems will be fixed soon. The JBoss server process must be restarted for the update\nto take effect. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2181)\n Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. \n (CVE-2016-2183)\n Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6304"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"db": "BID",
"id": "93150"
},
{
"db": "VULMON",
"id": "CVE-2016-6304"
},
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "142849"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "139769"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "169633"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6304",
"trust": 3.8
},
{
"db": "BID",
"id": "93150",
"trust": 2.0
},
{
"db": "MCAFEE",
"id": "SB10171",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10215",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1036878",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1037640",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "139091",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "PULSESECURE",
"id": "SA40312",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004990",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2021.0680",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4645",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-054-03",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201609-579",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6304",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142848",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143874",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142849",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143176",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139769",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138826",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169633",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6304"
},
{
"db": "BID",
"id": "93150"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "142849"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "139769"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-579"
},
{
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"id": "VAR-201609-0593",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37975769357142847
},
"last_update_date": "2024-07-23T22:01:08.857000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "hitachi-sec-2017-103",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-103/index.html"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.1.0 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.1.0-notes.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Security updates for all active release lines, September 2016",
"trust": 0.8,
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"title": "Fix OCSP Status Request extension unbounded memory growth",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=2c0d295e26306e15a92eb23a84a1802005c1c137"
},
{
"title": "OCSP Status Request extension unbounded memory growth (CVE-2016-6304)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"title": "SUSE-SU-2016:2470",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Linux Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapsv#opensslvulnerabilitiesincludingsweet32addressedbyversionupgradeto101uand102jspl129207"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "hitachi-sec-2017-103",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2017-103/index.html"
},
{
"title": "OpenSSL Repair measures for memory leaks",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=64358"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/09/23/openssl_swats_a_dozen_bugs_one_notable_nasty/"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162802 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171659 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171658 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 6",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171414 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171413 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171415 - security advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2016-749",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-749"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20161940 - security advisory"
},
{
"title": "Red Hat: CVE-2016-6304",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-6304"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-6304"
},
{
"title": "Red Hat: Important: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171801 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Web Server Service Pack 1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171802 - security advisory"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-2"
},
{
"title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-23"
},
{
"title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-24"
},
{
"title": "Debian CVElist Bug Report Logs: Security fixes from the October 2016 CPU",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=712a3573d4790c3bc5a64dddbbf15d5d"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-6304 OCSP Status Request Extension Security Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=9b728419f5660d2dfe495a4122ce2f24"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "openssl-x509-vulnerabilities",
"trust": 0.1,
"url": "https://github.com/guidovranken/openssl-x509-vulnerabilities "
},
{
"title": "CheckCVE for Probe Manager",
"trust": 0.1,
"url": "https://github.com/treussart/probemanager_checkcve "
},
{
"title": "hackerone-publicy-disclosed",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "OpenSSL-CVE-lib",
"trust": 0.1,
"url": "https://github.com/chnzzh/openssl-cve-lib "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/oracle-fixes-253-vulnerabilities-in-last-cpu-of-2016/121375/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/openssl-patches-high-severity-ocsp-bug-mitigates-sweet32-attack/120845/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6304"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-579"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-401",
"trust": 1.0
},
{
"problemtype": "CWE-399",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2802.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2493"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:1658"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:1414"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:1413"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2017-1659.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3087-2"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3087-1"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"trust": 1.7,
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/93150"
},
{
"trust": 1.7,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"trust": 1.7,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10171"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1037640"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1036878"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:2494"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:1802"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:1801"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2017-1415.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00027.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00021.html"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2016/dsa-3673"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2016/oct/62"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2016/dec/47"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2017/jul/31"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/139091/openssl-x509-parsing-double-free-invalid-free.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=2c0d295e26306e15a92eb23a84a1802005c1c137"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6304"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6304"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.7,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=2c0d295e26306e15a92eb23a84a1802005c1c137"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0680"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-054-03"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2016-8610"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8610"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "https://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2016-10-07.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991896"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009586"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1009648"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992427"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992681"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994534"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994861"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995038"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995886"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996181"
},
{
"trust": 0.3,
"url": "https://gtacknowledge.extremenetworks.com/articles/vulnerability_notice/vn-2016-009-cve-2016-6304"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-8740"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0736"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8743"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7056"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-8743"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2161"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8740"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-7056"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0736"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2161"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/401.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2016:2802"
},
{
"trust": 0.1,
"url": "https://github.com/guidovranken/openssl-x509-vulnerabilities"
},
{
"trust": 0.1,
"url": "https://github.com/treussart/probemanager_checkcve"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3087-1/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-5664"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-5647"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5647"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3155411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5664"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2180"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2181"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2179"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6302"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1626883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://sweet32.info)"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6304"
},
{
"db": "BID",
"id": "93150"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "142849"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "139769"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-579"
},
{
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-6304"
},
{
"db": "BID",
"id": "93150"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "142849"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "139769"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-579"
},
{
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6304"
},
{
"date": "2016-09-23T00:00:00",
"db": "BID",
"id": "93150"
},
{
"date": "2016-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"date": "2017-06-07T22:47:57",
"db": "PACKETSTORM",
"id": "142848"
},
{
"date": "2017-08-22T05:29:02",
"db": "PACKETSTORM",
"id": "143874"
},
{
"date": "2016-09-27T19:32:00",
"db": "PACKETSTORM",
"id": "138870"
},
{
"date": "2017-06-07T22:48:07",
"db": "PACKETSTORM",
"id": "142849"
},
{
"date": "2017-06-28T22:12:00",
"db": "PACKETSTORM",
"id": "143176"
},
{
"date": "2016-09-22T22:22:00",
"db": "PACKETSTORM",
"id": "138817"
},
{
"date": "2016-11-17T23:52:44",
"db": "PACKETSTORM",
"id": "139769"
},
{
"date": "2017-06-28T22:37:00",
"db": "PACKETSTORM",
"id": "143181"
},
{
"date": "2016-09-23T19:19:00",
"db": "PACKETSTORM",
"id": "138826"
},
{
"date": "2016-09-22T12:12:12",
"db": "PACKETSTORM",
"id": "169633"
},
{
"date": "2016-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-579"
},
{
"date": "2016-09-26T19:59:00.157000",
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6304"
},
{
"date": "2018-04-18T09:00:00",
"db": "BID",
"id": "93150"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004990"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-579"
},
{
"date": "2023-11-07T02:33:57.020000",
"db": "NVD",
"id": "CVE-2016-6304"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "139769"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-579"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of t1_lib.c Denial of service in Japan (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004990"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-579"
}
],
"trust": 0.6
}
}
VAR-201708-1547
Vulnerability from variot - Updated: 2024-07-23 21:56The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. The NTP.org reference implementation of ntpd contains multiple vulnerabilities. NTP Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Network Time Protocol is prone to a denial-of-service vulnerability. An attacker can leverage this issue to cause a denial-of-service condition. Oracle Integrated Lights Out Manager is prone to a remote security vulnerability in ILOM. The vulnerability can be exploited over the 'SSH' protocol. The 'SSH' sub component is affected. This vulnerability affects the following supported versions: 3.0, 3.1, 3.2 NOTE: This BID is being retired as it is a duplicate of BID 75990 (OpenSSH Login Handling Security Bypass Weakness). Summary:
Updated ntp packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. (CVE-2015-7704)
It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that client to make multiple steps larger than the panic threshold, effectively changing the time to an arbitrary value. (CVE-2015-5300)
Red Hat would like to thank Aanchal Malhotra, Isaac E. Cohen, and Sharon Goldberg of Boston University for reporting these issues.
All ntp users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1271070 - CVE-2015-7704 ntp: disabling synchronization via crafted KoD packet 1271076 - CVE-2015-5300 ntp: MITM attacker can force ntpd to make a step larger than the panic threshold
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ntp-4.2.6p5-5.el6_7.2.src.rpm
i386: ntp-4.2.6p5-5.el6_7.2.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntpdate-4.2.6p5-5.el6_7.2.i686.rpm
x86_64: ntp-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntp-perl-4.2.6p5-5.el6_7.2.i686.rpm
noarch: ntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ntp-4.2.6p5-5.el6_7.2.src.rpm
x86_64: ntp-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
noarch: ntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ntp-4.2.6p5-5.el6_7.2.src.rpm
i386: ntp-4.2.6p5-5.el6_7.2.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntpdate-4.2.6p5-5.el6_7.2.i686.rpm
ppc64: ntp-4.2.6p5-5.el6_7.2.ppc64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.ppc64.rpm ntpdate-4.2.6p5-5.el6_7.2.ppc64.rpm
s390x: ntp-4.2.6p5-5.el6_7.2.s390x.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.s390x.rpm ntpdate-4.2.6p5-5.el6_7.2.s390x.rpm
x86_64: ntp-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntp-perl-4.2.6p5-5.el6_7.2.i686.rpm
noarch: ntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm
ppc64: ntp-debuginfo-4.2.6p5-5.el6_7.2.ppc64.rpm ntp-perl-4.2.6p5-5.el6_7.2.ppc64.rpm
s390x: ntp-debuginfo-4.2.6p5-5.el6_7.2.s390x.rpm ntp-perl-4.2.6p5-5.el6_7.2.s390x.rpm
x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ntp-4.2.6p5-5.el6_7.2.src.rpm
i386: ntp-4.2.6p5-5.el6_7.2.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntpdate-4.2.6p5-5.el6_7.2.i686.rpm
x86_64: ntp-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntp-perl-4.2.6p5-5.el6_7.2.i686.rpm
noarch: ntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: ntp-4.2.6p5-19.el7_1.3.src.rpm
x86_64: ntp-4.2.6p5-19.el7_1.3.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm ntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: ntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm ntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm sntp-4.2.6p5-19.el7_1.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: ntp-4.2.6p5-19.el7_1.3.src.rpm
x86_64: ntp-4.2.6p5-19.el7_1.3.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm ntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch: ntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm ntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm sntp-4.2.6p5-19.el7_1.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: ntp-4.2.6p5-19.el7_1.3.src.rpm
ppc64: ntp-4.2.6p5-19.el7_1.3.ppc64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.ppc64.rpm ntpdate-4.2.6p5-19.el7_1.3.ppc64.rpm
s390x: ntp-4.2.6p5-19.el7_1.3.s390x.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.s390x.rpm ntpdate-4.2.6p5-19.el7_1.3.s390x.rpm
x86_64: ntp-4.2.6p5-19.el7_1.3.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm ntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: ntp-4.2.6p5-19.ael7b_1.3.src.rpm
ppc64le: ntp-4.2.6p5-19.ael7b_1.3.ppc64le.rpm ntp-debuginfo-4.2.6p5-19.ael7b_1.3.ppc64le.rpm ntpdate-4.2.6p5-19.ael7b_1.3.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: ntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm ntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm
ppc64: ntp-debuginfo-4.2.6p5-19.el7_1.3.ppc64.rpm sntp-4.2.6p5-19.el7_1.3.ppc64.rpm
s390x: ntp-debuginfo-4.2.6p5-19.el7_1.3.s390x.rpm sntp-4.2.6p5-19.el7_1.3.s390x.rpm
x86_64: ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm sntp-4.2.6p5-19.el7_1.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: ntp-doc-4.2.6p5-19.ael7b_1.3.noarch.rpm ntp-perl-4.2.6p5-19.ael7b_1.3.noarch.rpm
ppc64le: ntp-debuginfo-4.2.6p5-19.ael7b_1.3.ppc64le.rpm sntp-4.2.6p5-19.ael7b_1.3.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: ntp-4.2.6p5-19.el7_1.3.src.rpm
x86_64: ntp-4.2.6p5-19.el7_1.3.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm ntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch: ntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm ntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm sntp-4.2.6p5-19.el7_1.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-5300 https://access.redhat.com/security/cve/CVE-2015-7704 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
Gentoo Linux Security Advisory GLSA 201607-15
https://security.gentoo.org/
Severity: Normal Title: NTP: Multiple vulnerabilities Date: July 20, 2016 Bugs: #563774, #572452, #581528, #584954 ID: 201607-15
Synopsis
Multiple vulnerabilities have been found in NTP, the worst of which could lead to Denial of Service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/ntp < 4.2.8_p8 >= 4.2.8_p8
Description
Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details.
Resolution
All NTP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.8_p8"
References
[ 1 ] CVE-2015-7691 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7691 [ 2 ] CVE-2015-7692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7692 [ 3 ] CVE-2015-7701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7701 [ 4 ] CVE-2015-7702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7702 [ 5 ] CVE-2015-7703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7703 [ 6 ] CVE-2015-7704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7704 [ 7 ] CVE-2015-7705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7705 [ 8 ] CVE-2015-7848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848 [ 9 ] CVE-2015-7849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7849 [ 10 ] CVE-2015-7850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7850 [ 11 ] CVE-2015-7851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7851 [ 12 ] CVE-2015-7852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7852 [ 13 ] CVE-2015-7853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7853 [ 14 ] CVE-2015-7854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7854 [ 15 ] CVE-2015-7855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7855 [ 16 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871 [ 17 ] CVE-2015-7973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7973 [ 18 ] CVE-2015-7974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7974 [ 19 ] CVE-2015-7975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7975 [ 20 ] CVE-2015-7976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7976 [ 21 ] CVE-2015-7977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7977 [ 22 ] CVE-2015-7978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7978 [ 23 ] CVE-2015-7979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7979 [ 24 ] CVE-2015-8138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8138 [ 25 ] CVE-2015-8139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8139 [ 26 ] CVE-2015-8140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8140 [ 27 ] CVE-2015-8158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8158 [ 28 ] CVE-2016-1547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547 [ 29 ] CVE-2016-1548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548 [ 30 ] CVE-2016-1549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549 [ 31 ] CVE-2016-1550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550 [ 32 ] CVE-2016-1551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1551 [ 33 ] CVE-2016-2516 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2516 [ 34 ] CVE-2016-2517 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2517 [ 35 ] CVE-2016-2518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2518 [ 36 ] CVE-2016-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2519 [ 37 ] CVE-2016-4953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4953 [ 38 ] CVE-2016-4954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4954 [ 39 ] CVE-2016-4955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4955 [ 40 ] CVE-2016-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4956 [ 41 ] CVE-2016-4957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4957
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201607-15
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Release Date: 2016-09-21 Last Updated: 2016-09-21
Potential Security Impact: Multiple Remote Vulnerabilities
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities in NTP have been addressed with HPE Comware 7 (CW7) network products.
References:
- CVE-2015-7704
- CVE-2015-7705
- CVE-2015-7855
- CVE-2015-7871
- PSRT110228
- SSRT102943
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - Comware 7 (CW7) Products - Please refer to the RESOLUTION below for a list of impacted products. All product versions are impacted prior to the fixed versions listed.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2015-7704
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)
CVE-2015-7705
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)
CVE-2015-7855
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)
CVE-2015-7871
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION HPE has released the following software updates to resolve the vulnerabilities in HPE Comware 7 network products.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- 10500 (Comware 7) - Version: R7178
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- 12900 (Comware 7) - Version: R1138P03
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- 5900 (Comware 7) - Version: R2422P02
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- MSR1000 (Comware 7) - Version: R0305P08
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- MSR2000 (Comware 7) - Version: R0305P08
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- MSR3000 (Comware 7) - Version: R0305P08
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- MSR4000 (Comware 7) - Version: R0305P08
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- VSR (Comware 7) - Version: E0322
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- 7900 (Comware 7) - Version: R2138P03
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- 5130 (Comware 7) - Version: R3111P03
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- 5700 (Comware 7) - Version: R2422P02
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- 5930 (Comware 7) - Version: R2422P02
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- HSR6600 (Comware 7) - Version: R7103P07
- HP Network Products
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- HSR6800 (Comware 7) - Version: R7103P07
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing
- JH075A HP HSR6800 RSE-X3 Router Main Processing Unit
- 1950 (Comware 7) - Version: R3111P03
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- 7500 (Comware 7) - Version: R7178
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- 5130HI - Version: R1118P02
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- 5510HI - Version: R1118P02
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 21 September 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
============================================================================= FreeBSD-SA-15:25.ntp Security Advisory The FreeBSD Project
Topic: Multiple vulnerabilities of ntp
Category: contrib Module: ntp Announced: 2015-10-26 Credits: Network Time Foundation Affects: All supported versions of FreeBSD. Corrected: 2015-10-26 11:35:40 UTC (stable/10, 10.2-STABLE) 2015-10-26 11:36:55 UTC (releng/10.2, 10.2-RELEASE-p6) 2015-10-26 11:37:31 UTC (releng/10.1, 10.1-RELEASE-p23) 2015-10-26 11:36:40 UTC (stable/9, 9.3-STABLE) 2015-10-26 11:42:25 UTC (releng/9.3, 9.3-RELEASE-p29) CVE Name: CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit https://security.FreeBSD.org/.
I.
II. Problem Description
Crypto-NAK packets can be used to cause ntpd(8) to accept time from an unauthenticated ephemeral symmetric peer by bypassing the authentication required to mobilize peer associations. [CVE-2015-7871] FreeBSD 9.3 and 10.1 are not affected.
If ntpd(8) is fed a crafted mode 6 or mode 7 packet containing an unusual long data value where a network address is expected, the decodenetnum() function will abort with an assertion failure instead of simply returning a failure condition. [CVE-2015-7855]
If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd(8) that may cause it to crash, with the hypothetical possibility of a small code injection. [CVE-2015-7854]
A negative value for the datalen parameter will overflow a data buffer. NTF's ntpd(8) driver implementations always set this value to 0 and are therefore not vulnerable to this weakness. If you are running a custom refclock driver in ntpd(8) and that driver supplies a negative value for datalen (no custom driver of even minimal competence would do this) then ntpd would overflow a data buffer. It is even hypothetically possible in this case that instead of simply crashing ntpd the attacker could effect a code injection attack. [CVE-2015-7853]
If an attacker can figure out the precise moment that ntpq(8) is listening for data and the port number it is listening on or if the attacker can provide a malicious instance ntpd(8) that victims will connect to then an attacker can send a set of crafted mode 6 response packets that, if received by ntpq(8), can cause ntpq(8) to crash. [CVE-2015-7852]
If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd that may cause ntpd(8) to overwrite files. [CVE-2015-7851]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration.
If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd that will cause it to crash and/or create a potentially huge log file. Specifically, the attacker could enable extended logging, point the key file at the log file, and cause what amounts to an infinite loop. [CVE-2015-7850]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration.
If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd was configured to disable authentication, then an attacker can send a set of packets to ntpd that may cause a crash or theoretically perform a code injection attack. [CVE-2015-7849]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration.
If ntpd(8) is configured to enable mode 7 packets, and if the use of mode 7 packets is not properly protected thru the use of the available mode 7 authentication and restriction mechanisms, and if the (possibly spoofed) source IP address is allowed to send mode 7 queries, then an attacker can send a crafted packet to ntpd that will cause it to crash. [CVE-2015-7848]. The default configuration of ntpd(8) within FreeBSD does not allow mode 7 packets.
If ntpd(8) is configured to use autokey, then an attacker can send packets to ntpd that will, after several days of ongoing attack, cause it to run out of memory. [CVE-2015-7701]. The default configuration of ntpd(8) within FreeBSD does not use autokey.
If ntpd(8) is configured to allow for remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password, it's possible for an attacker to use the "pidfile" or "driftfile" directives to potentially overwrite other files. [CVE-2015-5196]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration
An ntpd(8) client that honors Kiss-of-Death responses will honor KoD messages that have been forged by an attacker, causing it to delay or stop querying its servers for time updates. Also, an attacker can forge packets that claim to be from the target and send them to servers often enough that a server that implements KoD rate limiting will send the target machine a KoD response to attempt to reduce the rate of incoming packets, or it may also trigger a firewall block at the server for packets from the target machine. For either of these attacks to succeed, the attacker must know what servers the target is communicating with. An attacker can be anywhere on the Internet and can frequently learn the identity of the target's time source by sending the target a time query. [CVE-2015-7704]
The fix for CVE-2014-9750 was incomplete in that there were certain code paths where a packet with particular autokey operations that contained malicious data was not always being completely validated. Receipt of these packets can cause ntpd to crash. [CVE-2015-7702]. The default configuration of ntpd(8) within FreeBSD does not use autokey.
III. Impact
An attacker which can send NTP packets to ntpd(8), which uses cryptographic authentication of NTP data, may be able to inject malicious time data causing the system clock to be set incorrectly. [CVE-2015-7871]
An attacker which can send NTP packets to ntpd(8), can block the communication of the daemon with time servers, causing the system clock not being synchronized. [CVE-2015-7704]
An attacker which can send NTP packets to ntpd(8), can remotely crash the daemon, sending malicious data packet. [CVE-2015-7855] [CVE-2015-7854] [CVE-2015-7853] [CVE-2015-7852] [CVE-2015-7849] [CVE-2015-7848]
An attacker which can send NTP packets to ntpd(8), can remotely trigger the daemon to overwrite its configuration files. [CVE-2015-7851] [CVE-2015-5196]
IV. Workaround
No workaround is available, but systems not running ntpd(8) are not affected. Network administrators are advised to implement BCP-38, which helps to reduce risk associated with the attacks.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
The ntpd service has to be restarted after the update. A reboot is recommended but not required.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
The ntpd service has to be restarted after the update. A reboot is recommended but not required.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.2]
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.bz2
bunzip2 ntp-102.patch.bz2
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.asc
gpg --verify ntp-102.patch.asc
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.bz2
bunzip2 ntp-101.patch.bz2
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.asc
gpg --verify ntp-101.patch.asc
[FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.bz2
bunzip2 ntp-93.patch.bz2
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.asc
gpg --verify ntp-93.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
find contrib/ntp -type f -empty -delete
c) Recompile the operating system using buildworld and installworld as described in https://www.FreeBSD.org/handbook/makeworld.html.
d) For 9.3-RELEASE and 10.1-RELEASE an update to /etc/ntp.conf is recommended, which can be done with help of the mergemaster(8) tool on 9.3-RELEASE and with help of the etcupdate(8) tool on 10.1-RELEASE.
Restart the ntpd(8) daemon, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/9/ r289998 releng/9.3/ r290001 stable/10/ r289997 releng/10.1/ r290000 releng/10.2/ r289999
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN
VII. References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871
The latest revision of this advisory is available at https://security.FreeBSD.org/advisories/FreeBSD-SA-15:25.ntp.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJWLhOJAAoJEO1n7NZdz2rn91wP/2GwEt1boNQq2a7nYzv/mS5D sYKkIi7o+2yr2BLXvtc3O7c9QC3/YeGsza9DTRqndcY572SWvRgtkFstMTTm8IV/ RVlIE40gVR3tex0zo7BiD7uKUrxWxWcpwMbE5dzlE+vSybyyj0dSSkwUHJjrbJoA RmyNuEEUhQn5sRCg6qJv/PLp2G7BcYAasKScukjm7QnLP2kq/tvM9mcqwfh2tadM 7kbf8uq+ykvsRzctaDnxQaB5+zJxBQYJjBelxQfIkNek0XGfdj3sRwISeFznbllq mOLTIBaFiuEtHtusO7MKKavMgS5CQJOvuuvd/l3NY1MnxC6X/1SWig9KIKDIn/hv q8dsnq7LLx+tO6Cv4Dub7EbC2ZP3xXGOC4Ie02z8bTZnbX7iwyPUidQQqtU9ra15 rxzFcZnBxu+yyMNJVsV2qVV/r9OycgKxWlEELC1wYrK9fKfvLdA5aEGjDeU1Z+s6 JS2zKr0t4F2bMrCsjYP1lQD8sHkCVjwJk+IJU/slcwSajDjBNlMH0yBxGYE1ETIZ qMF7/PAkLe8V78pdYmXw9pcaPyhI+ihPLnNrdhX8AI2RX5jDK7IuUNJeUM04UrVB 8N+mMwgamcuCPWNNyXaL0bz21fexZOuhHmU+B8Yn3SFX5O5b/r9gGvrjo8ei8jOk EUlBT3ViDhHNrI7PTaiI =djPm -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2783-1 October 27, 2015
ntp vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in NTP. (CVE-2015-5146)
Miroslav Lichvar discovered that NTP incorrectly handled logconfig directives. (CVE-2015-5194)
Miroslav Lichvar discovered that NTP incorrectly handled certain statistics types. (CVE-2015-5195)
Miroslav Lichvar discovered that NTP incorrectly handled certain file paths. Cohen, and Sharon Goldberg discovered that NTP incorrectly handled restarting after hitting a panic threshold. (CVE-2015-7691, CVE-2015-7692, CVE-2015-7702)
It was discovered that NTP incorrectly handled memory when processing certain autokey messages. Cohen, and Sharon Goldberg discovered that NTP incorrectly handled rate limiting. A remote attacker could possibly use this issue to cause clients to stop updating their clock. (CVE-2015-7704, CVE-2015-7705)
Yves Younan discovered that NTP incorrectly handled logfile and keyfile directives. (CVE-2015-7850)
Yves Younan and Aleksander Nikolich discovered that NTP incorrectly handled ascii conversion. (CVE-2015-7852)
Yves Younan discovered that NTP incorrectly handled reference clock memory. A malicious refclock could possibly use this issue to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7853)
John D "Doug" Birdwell discovered that NTP incorrectly handled decoding certain bogus values. (CVE-2015-7855)
Stephen Gray discovered that NTP incorrectly handled symmetric association authentication. (CVE-2015-7871)
In the default installation, attackers would be isolated by the NTP AppArmor profile.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.10: ntp 1:4.2.6.p5+dfsg-3ubuntu8.1
Ubuntu 15.04: ntp 1:4.2.6.p5+dfsg-3ubuntu6.2
Ubuntu 14.04 LTS: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5
Ubuntu 12.04 LTS: ntp 1:4.2.6.p3+dfsg-1ubuntu3.6
In general, a standard system update will make all the necessary changes.
On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time.
Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details.
CVE-2015-5194
It was found that ntpd could crash due to an uninitialized
variable when processing malformed logconfig configuration
commands.
CVE-2015-5195
It was found that ntpd exits with a segmentation fault when a
statistics type that was not enabled during compilation (e.g.
timingstats) is referenced by the statistics or filegen
configuration command
CVE-2015-5219
It was discovered that sntp program would hang in an infinite loop
when a crafted NTP packet was received, related to the conversion
of the precision value in the packet to double. If the threshold is exceeded
after that, ntpd will exit with a message to the system log. This
option can be used with the -q and -x options.
ntpd could actually step the clock multiple times by more than the
panic threshold if its clock discipline doesn't have enough time to
reach the sync state and stay there for at least one update.
This is contrary to what the documentation says. Normally, the
assumption is that an MITM attacker can step the clock more than the
panic threshold only once when ntpd starts and to make a larger
adjustment the attacker has to divide it into multiple smaller
steps, each taking 15 minutes, which is slow.
CVE-2015-7701
A memory leak flaw was found in ntpd's CRYPTO_ASSOC.
CVE-2015-7703
Miroslav Lichvar of Red Hat found that the :config command can be
used to set the pidfile and driftfile paths without any
restrictions. A remote attacker could use this flaw to overwrite a
file on the file system with a file containing the pid of the ntpd
process (immediately) or the current estimated drift of the system
clock (in hourly intervals). For example:
ntpq -c ':config pidfile /tmp/ntp.pid'
ntpq -c ':config driftfile /tmp/ntp.drift'
In Debian ntpd is configured to drop root privileges, which limits
the impact of this issue.
CVE-2015-7704
If ntpd as an NTP client receives a Kiss-of-Death (KoD) packet
from the server to reduce its polling rate, it doesn't check if the
originate timestamp in the reply matches the transmit timestamp from
its request. A
specially crafted configuration file could cause an endless loop
resulting in a denial of service.
CVE-2015-7852
A potential off by one vulnerability exists in the cookedprint
functionality of ntpq. A specially crafted buffer could cause a
buffer overflow potentially resulting in null byte being written out
of bounds.
CVE-2015-7871
An error handling logic error exists within ntpd that manifests due
to improper error condition handling associated with certain
crypto-NAK packets. An unauthenticated, off-path attacker can force
ntpd processes on targeted servers to peer with time sources of the
attacker's choosing by transmitting symmetric active crypto-NAK
packets to ntpd.
For the oldstable distribution (wheezy), these problems have been fixed in version 1:4.2.6.p5+dfsg-2+deb7u6.
For the stable distribution (jessie), these problems have been fixed in version 1:4.2.6.p5+dfsg-7+deb8u1.
For the testing distribution (stretch), these problems have been fixed in version 1:4.2.8p4+dfsg-3.
For the unstable distribution (sid), these problems have been fixed in version 1:4.2.8p4+dfsg-3.
We recommend that you upgrade your ntp packages.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz: Upgraded. In addition to bug fixes and enhancements, this release fixes several low and medium severity vulnerabilities. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p4-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p4-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p4-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p4-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p4-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p4-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p4-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p4-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 21dd14178fea17a88c9326c8672ecefd ntp-4.2.8p4-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 8647479b2007b92ff8598184f2275263 ntp-4.2.8p4-x86_64-1_slack13.0.txz
Slackware 13.1 package: e0f122e8e271dc84db06202c03cc0288 ntp-4.2.8p4-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: db0aff04b72b3d8c96ca8c8e1ed36c05 ntp-4.2.8p4-x86_64-1_slack13.1.txz
Slackware 13.37 package: 5914e43e886e5ff88fefd30083493e30 ntp-4.2.8p4-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 4335c3bf2ae24afc5ad734e8d80b3e94 ntp-4.2.8p4-x86_64-1_slack13.37.txz
Slackware 14.0 package: 39b05698797b638b67130e0b170e0a4b ntp-4.2.8p4-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: dcf4a56ba1d013ee1c9d0e624e158709 ntp-4.2.8p4-x86_64-1_slack14.0.txz
Slackware 14.1 package: 1fd3a7beaf23303e2c211af377662614 ntp-4.2.8p4-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 438c3185aa8ec20d1c2b5e51786e4d41 ntp-4.2.8p4-x86_64-1_slack14.1.txz
Slackware -current package: 81bfb2fed450cb26a51b5e1cee0d33ed n/ntp-4.2.8p4-i586-1.txz
Slackware x86_64 -current package: 8bae4ad633af40d4d54b7686e4b225f9 n/ntp-4.2.8p4-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg ntp-4.2.8p4-i486-1_slack14.1.txz
Then, restart the NTP daemon:
sh /etc/rc.d/rc.ntpd restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1547",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ntp",
"scope": "eq",
"trust": 1.3,
"vendor": "ntp",
"version": "4.2.8"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.3,
"vendor": "citrix",
"version": "6.0.2"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.3,
"vendor": "citrix",
"version": "7.0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.3,
"vendor": "citrix",
"version": "6.5"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.1,
"vendor": "ntp",
"version": "4.3.77"
},
{
"model": "ntp",
"scope": "gte",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "ntp",
"scope": "lt",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.8"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "oncommand performance manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "oncommand unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.7"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "ntp",
"scope": "lt",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.77"
},
{
"model": "enterprise security manager",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "11.2.0"
},
{
"model": "ntp",
"scope": "gte",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.0"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "enterprise security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "11.0.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 1.0,
"vendor": "citrix",
"version": "6.2.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "enterprise security manager",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "10.4.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.9,
"vendor": "ntp",
"version": "4.3.70"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ntp",
"version": null
},
{
"model": "ntp",
"scope": "lt",
"trust": 0.8,
"vendor": "ntp",
"version": "4.3.x"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": "4.2.8p4"
},
{
"model": "ntp",
"scope": "lt",
"trust": 0.8,
"vendor": "ntp",
"version": "4.x"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.6.2.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.5.2.9"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.3.2.9."
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.6.2.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.3.2.9"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.5.2.8"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.4.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.67"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.74"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.68"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.69"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.72"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.73"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.75"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.76"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.3.71"
},
{
"model": "taa switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10508-v0"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "105080"
},
{
"model": "10.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "taa switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "105080"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "qlogic virtual fabric extension module for ibm bladecenter",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3.14.0"
},
{
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "21.1"
},
{
"model": "flexfabric 7.2tbps taa-compliant fabric/main processing uni",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79100"
},
{
"model": "flexfabric 2qsfp+ 2-slot switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59300"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "1950-24g-2sfp+-2xgt-poe+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "hsr6800 rse-x3 router main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "24g 4sfp+ hi 1-slot switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55100"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.24"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3210"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "48g 4sfp+ 1-slot hi switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51300"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.219"
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "5130-24g-4sfp+ ei brazil switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "9.3-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ff 12508e dc switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.1-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.22"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "5130-48g-poe+-4sfp+ ei brazil switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hsr6602-xg taa-compliant router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "flexfabric 12904e switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "extremexos patch",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.38"
},
{
"model": "1950-48g-2sfp+-2xgt switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "mpu w/comware os",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v70"
},
{
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ff 12518e dc switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "5130-24g-poe+-4sfp+ ei brazil switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "qlogic 8gb intelligent pass-thru module and san switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.10.1.37.00"
},
{
"model": "dc switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125040"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "ruggedcom rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.0"
},
{
"model": "flexfabric 2.4tbps fabric main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7910/0"
},
{
"model": "4.2.8p3",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "scos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flexfabric taa-compliant switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79100"
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "msr2003 taa-compliant ac router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.44"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.6"
},
{
"model": "main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"model": "msr2004-48 router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "flexfabric 5700-32xgt-8xg-2qsfp+ taa-compliant switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "5900af-48xg-4qsfp+ taa switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenserver common criteria",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0.2"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ac switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125080"
},
{
"model": "9.3-beta3-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wap371 wireless access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "flexfabric 12916e switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.2"
},
{
"model": "flexfabric 5700-48g-4xg-2qsfp+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.1-rc2-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise linux server eus 6.7.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "10.1-release-p23",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "xenserver sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.2.0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flexfabric 7.2tbps fabric main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7910/0"
},
{
"model": "hsr6808 router chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.42"
},
{
"model": "hsr6800 rse-x2 router taa-compliant main processing",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "msr1003-8s ac router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "5130-24g-sfp-4sfp+ ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "flexfabric 12900e main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sentinel",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr4060 router chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ff 12500e mpu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ruggedcom rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.14.5"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "1950-24g-4xg switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "48g poe+ 4sfp+ 1-slot hi switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51300"
},
{
"model": "physical access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flexfabric 32qsfp+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59300"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "ac switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125180"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"model": "5130-48g-poe+-2sfp+-2xgt ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "msr4000 mpu-100 main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.2.0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "vsr1001 comware virtual services router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"model": "9.3-rc",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "flexfabric 12904e main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "9.3-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.08"
},
{
"model": "5130-24g-4sfp+ ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.2-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ff 12508e ac switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.3"
},
{
"model": "10.1-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "video delivery system recorder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr4080 router chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.213"
},
{
"model": "10.1-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.0"
},
{
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "msr3044 router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "5130-48g-4sfp+ ei brazil switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "4.2.5p186",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.22"
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "msr3064 router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "48g poe+ 4sfp+ hi 1-slot switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55100"
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "4.2.5p3",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "msr2004-24 ac router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "flexfabric 32qsfp+ taa-compliant switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59300"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "9.3-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.00"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.46"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.3"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.26"
},
{
"model": "10.2-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "flexfabric 2qsfp+ 2-slot taa-compliant switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59300"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75030"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75060"
},
{
"model": "4.2.8p5",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "hsr6602-g taa-compliant router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "5130-24g-poe+-2sfp+-2xgt ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "flexfabric main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "10.1-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.32"
},
{
"model": "5130-24g-poe+-4sfp+ ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75020"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "msr3024 taa-compliant ac router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.34"
},
{
"model": "5900af 48g 4xg 2qsfp+ taa-compliant",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "flexfabric switch ac chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129160"
},
{
"model": "10.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "type a mpu w/comware os",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v70"
},
{
"model": "dc switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125080"
},
{
"model": "5900af-48xgt-4qsfp+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenserver sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.5"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"model": "msr3024 dc router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "flexfabric switch ac chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129100"
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "summit wm3000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "0"
},
{
"model": "hsr6800 rse-x2 router main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.21"
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1210"
},
{
"model": "msr3012 dc router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "5130-48g-poe+-4sfp+ ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "10.2-beta2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "vsr1008 comware virtual services router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"model": "smartcloud entry fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.33"
},
{
"model": "type d taa-compliant with comware os main processing un",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v70"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.31"
},
{
"model": "4.2.8p7",
"scope": "ne",
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.218"
},
{
"model": "flexfabric taa-compliant switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79040"
},
{
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "vsr1004 comware virtual services router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "70"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "24g poe+ 4sfp+ 1-slot hi switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51300"
},
{
"model": "p4",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "ruggedcom rox",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "2.9.0"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "10.1-beta3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "netsight appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "flexfabric switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79100"
},
{
"model": "10.1-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "dc switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125180"
},
{
"model": "hsr6802 router chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "hsr6602-xg router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75100"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.214"
},
{
"model": "flexfabric 5700-32xgt-8xg-2qsfp+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p21",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "flexfabric 4-slot taa-compliant switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59300"
},
{
"model": "smartcloud entry fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.19"
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.2"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "hsr6804 router chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.4.1.0"
},
{
"model": "ac switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125040"
},
{
"model": "ruggedcom rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.6.2"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "5900af-48g-4xg-2qsfp+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "msr3024 ac router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "purview appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.113"
},
{
"model": "ff 5900cp-48xg-4qsfp+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "network device security assessment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "24g 4sfp+ 1-slot hi switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51300"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "5920af-24xg switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "flexfabric 4-slot switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59300"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "flexfabric 5700-40xg-2qsfp+ taa-compliant switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "msr2003 ac router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "msr4000 taa-compliant mpu-100 main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ruggedcom rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.16"
},
{
"model": "9.3-release-p29",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.110"
},
{
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "flexfabric main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129160"
},
{
"model": "9.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "purview appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "9.3-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "flexfabric main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129100"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.21"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.36"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125080"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-rc4-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "48g 4sfp+ hi 1-slot switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55100"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.3"
},
{
"model": "unified computing system e-series blade server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"model": "ntp",
"scope": "ne",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3.92"
},
{
"model": "flexfabric taa-compliant main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129100"
},
{
"model": "p74",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.5"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "flexfabric 5700-48g-4xg-2qsfp+ taa-compliant switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "5900af 48xgt 4qsfp+ taa-compliant switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "4.2.8p2",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "extremexos patch",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.31"
},
{
"model": "10.2-beta2-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "msr3012 ac router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "management heartbeat server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.7.03.00"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.09"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.17"
},
{
"model": "p6",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "105040"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125180"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "taa switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "105040"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "p7",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.3"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.01"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.1.2"
},
{
"model": "p5",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "flexfabric 2.4tbps taa-compliant fabric/main processing uni",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79100"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "5130-48g-4sfp+ ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "a12508 switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "5130-24g-2sfp+-2xgt ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3.25"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "4.2.8p4",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.6.4"
},
{
"model": "purview appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.3"
},
{
"model": "5130-48g-2sfp+-2xgt ei switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "4.2.8p6",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "nac appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr1002-4 ac router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "105120"
},
{
"model": "qlogic virtual fabric extension module for ibm bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "4.2.7p11",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "5900af-48xg-4qsfp+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "type d main processing unit with comware os",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v70"
},
{
"model": "taa switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "105120"
},
{
"model": "smartcloud entry jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.34"
},
{
"model": "vsr1001 virtual services router day evaluation software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "24g sfp 4sfp+ hi 1-slot switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55100"
},
{
"model": "10.2-release-p6",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "5920af-24xg taa switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "flexfabric switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79040"
},
{
"model": "flexfabric 12908e switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.2"
},
{
"model": "9.3-beta1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "flexfabric taa-compliant switch ac chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129100"
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flexfabric 5700-40xg-2qsfp+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "main processing unit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75020"
},
{
"model": "support central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ff 12518e ac switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "p4",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.2"
},
{
"model": "flexfabric 5900cp 48xg 4qsfp+ taa-compliant",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "prime service catalog virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "24g poe+ 4sfp+ hi 1-slot switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55100"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3.90"
},
{
"model": "hsr6602-g router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "1950-48g-2sfp+-2xgt-poe+ switch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "msr3024 poe router",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "a12518 switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.2"
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ruggedcom rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "ruggedcom rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.6.3"
},
{
"model": "flexfabric switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11908-v0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "switch chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10508-v0"
},
{
"model": "qlogic 8gb intelligent pass-thru module and san switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.10"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "BID",
"id": "77280"
},
{
"db": "BID",
"id": "92012"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-585"
},
{
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.2.8",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.3.77",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mcafee:enterprise_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:enterprise_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.2.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:6.2.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:6.5:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aanchal Malhotra, Isaac E. Cohen, Erik Brakke, and Sharon Goldberg from Boston University",
"sources": [
{
"db": "BID",
"id": "77280"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7704",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7704",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-7704",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7704",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-585",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-7704",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7704"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-585"
},
{
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages. The NTP.org reference implementation of ntpd contains multiple vulnerabilities. NTP Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Network Time Protocol is prone to a denial-of-service vulnerability. \nAn attacker can leverage this issue to cause a denial-of-service condition. Oracle Integrated Lights Out Manager is prone to a remote security vulnerability in ILOM. \nThe vulnerability can be exploited over the \u0027SSH\u0027 protocol. The \u0027SSH\u0027 sub component is affected. \nThis vulnerability affects the following supported versions:\n3.0, 3.1, 3.2\nNOTE: This BID is being retired as it is a duplicate of BID 75990 (OpenSSH Login Handling Security Bypass Weakness). Summary:\n\nUpdated ntp packages that fix two security issues are now available for\nRed Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64\n\n3. \n\nIt was discovered that ntpd as a client did not correctly check timestamps\nin Kiss-of-Death packets. (CVE-2015-7704)\n\nIt was found that ntpd did not correctly implement the threshold limitation\nfor the \u0027-g\u0027 option, which is used to set the time without any\nrestrictions. A man-in-the-middle attacker able to intercept NTP traffic\nbetween a connecting client and an NTP server could use this flaw to force\nthat client to make multiple steps larger than the panic threshold,\neffectively changing the time to an arbitrary value. (CVE-2015-5300)\n\nRed Hat would like to thank Aanchal Malhotra, Isaac E. Cohen, and Sharon\nGoldberg of Boston University for reporting these issues. \n\nAll ntp users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1271070 - CVE-2015-7704 ntp: disabling synchronization via crafted KoD packet\n1271076 - CVE-2015-5300 ntp: MITM attacker can force ntpd to make a step larger than the panic threshold\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nntp-4.2.6p5-5.el6_7.2.src.rpm\n\ni386:\nntp-4.2.6p5-5.el6_7.2.i686.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm\nntpdate-4.2.6p5-5.el6_7.2.i686.rpm\n\nx86_64:\nntp-4.2.6p5-5.el6_7.2.x86_64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm\nntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm\nntp-perl-4.2.6p5-5.el6_7.2.i686.rpm\n\nnoarch:\nntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm\nntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nntp-4.2.6p5-5.el6_7.2.src.rpm\n\nx86_64:\nntp-4.2.6p5-5.el6_7.2.x86_64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm\nntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nnoarch:\nntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm\nntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nntp-4.2.6p5-5.el6_7.2.src.rpm\n\ni386:\nntp-4.2.6p5-5.el6_7.2.i686.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm\nntpdate-4.2.6p5-5.el6_7.2.i686.rpm\n\nppc64:\nntp-4.2.6p5-5.el6_7.2.ppc64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.ppc64.rpm\nntpdate-4.2.6p5-5.el6_7.2.ppc64.rpm\n\ns390x:\nntp-4.2.6p5-5.el6_7.2.s390x.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.s390x.rpm\nntpdate-4.2.6p5-5.el6_7.2.s390x.rpm\n\nx86_64:\nntp-4.2.6p5-5.el6_7.2.x86_64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm\nntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm\nntp-perl-4.2.6p5-5.el6_7.2.i686.rpm\n\nnoarch:\nntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm\n\nppc64:\nntp-debuginfo-4.2.6p5-5.el6_7.2.ppc64.rpm\nntp-perl-4.2.6p5-5.el6_7.2.ppc64.rpm\n\ns390x:\nntp-debuginfo-4.2.6p5-5.el6_7.2.s390x.rpm\nntp-perl-4.2.6p5-5.el6_7.2.s390x.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm\nntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nntp-4.2.6p5-5.el6_7.2.src.rpm\n\ni386:\nntp-4.2.6p5-5.el6_7.2.i686.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm\nntpdate-4.2.6p5-5.el6_7.2.i686.rpm\n\nx86_64:\nntp-4.2.6p5-5.el6_7.2.x86_64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm\nntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm\nntp-perl-4.2.6p5-5.el6_7.2.i686.rpm\n\nnoarch:\nntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm\nntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nntp-4.2.6p5-19.el7_1.3.src.rpm\n\nx86_64:\nntp-4.2.6p5-19.el7_1.3.x86_64.rpm\nntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm\nntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm\nntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm\nsntp-4.2.6p5-19.el7_1.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nntp-4.2.6p5-19.el7_1.3.src.rpm\n\nx86_64:\nntp-4.2.6p5-19.el7_1.3.x86_64.rpm\nntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm\nntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm\nntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm\nsntp-4.2.6p5-19.el7_1.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nntp-4.2.6p5-19.el7_1.3.src.rpm\n\nppc64:\nntp-4.2.6p5-19.el7_1.3.ppc64.rpm\nntp-debuginfo-4.2.6p5-19.el7_1.3.ppc64.rpm\nntpdate-4.2.6p5-19.el7_1.3.ppc64.rpm\n\ns390x:\nntp-4.2.6p5-19.el7_1.3.s390x.rpm\nntp-debuginfo-4.2.6p5-19.el7_1.3.s390x.rpm\nntpdate-4.2.6p5-19.el7_1.3.s390x.rpm\n\nx86_64:\nntp-4.2.6p5-19.el7_1.3.x86_64.rpm\nntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm\nntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nntp-4.2.6p5-19.ael7b_1.3.src.rpm\n\nppc64le:\nntp-4.2.6p5-19.ael7b_1.3.ppc64le.rpm\nntp-debuginfo-4.2.6p5-19.ael7b_1.3.ppc64le.rpm\nntpdate-4.2.6p5-19.ael7b_1.3.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm\nntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm\n\nppc64:\nntp-debuginfo-4.2.6p5-19.el7_1.3.ppc64.rpm\nsntp-4.2.6p5-19.el7_1.3.ppc64.rpm\n\ns390x:\nntp-debuginfo-4.2.6p5-19.el7_1.3.s390x.rpm\nsntp-4.2.6p5-19.el7_1.3.s390x.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm\nsntp-4.2.6p5-19.el7_1.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-19.ael7b_1.3.noarch.rpm\nntp-perl-4.2.6p5-19.ael7b_1.3.noarch.rpm\n\nppc64le:\nntp-debuginfo-4.2.6p5-19.ael7b_1.3.ppc64le.rpm\nsntp-4.2.6p5-19.ael7b_1.3.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nntp-4.2.6p5-19.el7_1.3.src.rpm\n\nx86_64:\nntp-4.2.6p5-19.el7_1.3.x86_64.rpm\nntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm\nntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm\nntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm\nsntp-4.2.6p5-19.el7_1.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-5300\nhttps://access.redhat.com/security/cve/CVE-2015-7704\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201607-15\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: NTP: Multiple vulnerabilities\n Date: July 20, 2016\n Bugs: #563774, #572452, #581528, #584954\n ID: 201607-15\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in NTP, the worst of which\ncould lead to Denial of Service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/ntp \u003c 4.2.8_p8 \u003e= 4.2.8_p8\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in NTP. Please review the\nCVE identifiers referenced below for details. \n\nResolution\n==========\n\nAll NTP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/ntp-4.2.8_p8\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-7691\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7691\n[ 2 ] CVE-2015-7692\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7692\n[ 3 ] CVE-2015-7701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7701\n[ 4 ] CVE-2015-7702\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7702\n[ 5 ] CVE-2015-7703\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7703\n[ 6 ] CVE-2015-7704\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7704\n[ 7 ] CVE-2015-7705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7705\n[ 8 ] CVE-2015-7848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848\n[ 9 ] CVE-2015-7849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7849\n[ 10 ] CVE-2015-7850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7850\n[ 11 ] CVE-2015-7851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7851\n[ 12 ] CVE-2015-7852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7852\n[ 13 ] CVE-2015-7853\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7853\n[ 14 ] CVE-2015-7854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7854\n[ 15 ] CVE-2015-7855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7855\n[ 16 ] CVE-2015-7871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871\n[ 17 ] CVE-2015-7973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7973\n[ 18 ] CVE-2015-7974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7974\n[ 19 ] CVE-2015-7975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7975\n[ 20 ] CVE-2015-7976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7976\n[ 21 ] CVE-2015-7977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7977\n[ 22 ] CVE-2015-7978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7978\n[ 23 ] CVE-2015-7979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7979\n[ 24 ] CVE-2015-8138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8138\n[ 25 ] CVE-2015-8139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8139\n[ 26 ] CVE-2015-8140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8140\n[ 27 ] CVE-2015-8158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8158\n[ 28 ] CVE-2016-1547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547\n[ 29 ] CVE-2016-1548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548\n[ 30 ] CVE-2016-1549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549\n[ 31 ] CVE-2016-1550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550\n[ 32 ] CVE-2016-1551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1551\n[ 33 ] CVE-2016-2516\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2516\n[ 34 ] CVE-2016-2517\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2517\n[ 35 ] CVE-2016-2518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2518\n[ 36 ] CVE-2016-2519\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2519\n[ 37 ] CVE-2016-4953\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4953\n[ 38 ] CVE-2016-4954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4954\n[ 39 ] CVE-2016-4955\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4955\n[ 40 ] CVE-2016-4956\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4956\n[ 41 ] CVE-2016-4957\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4957\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201607-15\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. \n\nRelease Date: 2016-09-21\nLast Updated: 2016-09-21\n\nPotential Security Impact: Multiple Remote Vulnerabilities\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities in NTP have been addressed with HPE\nComware 7 (CW7) network products. \n\nReferences:\n\n - CVE-2015-7704\n - CVE-2015-7705\n - CVE-2015-7855\n - CVE-2015-7871\n - PSRT110228\n - SSRT102943\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n - Comware 7 (CW7) Products - Please refer to the RESOLUTION\n below for a list of impacted products. All product versions are impacted\nprior to the fixed versions listed. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2015-7704\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)\n\n CVE-2015-7705\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)\n\n CVE-2015-7855\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)\n\n CVE-2015-7871\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\n 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\nHPE has released the following software updates to resolve the\nvulnerabilities in HPE Comware 7 network products. \n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7377**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n + **10500 (Comware 7) - Version: R7178**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n + **12900 (Comware 7) - Version: R1138P03**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n + **5900 (Comware 7) - Version: R2422P02**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n + **MSR1000 (Comware 7) - Version: R0305P08**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n + **MSR2000 (Comware 7) - Version: R0305P08**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n + **MSR3000 (Comware 7) - Version: R0305P08**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n + **MSR4000 (Comware 7) - Version: R0305P08**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n + **VSR (Comware 7) - Version: E0322**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n + **7900 (Comware 7) - Version: R2138P03**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n + **5130 (Comware 7) - Version: R3111P03**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n + **5700 (Comware 7) - Version: R2422P02**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n + **5930 (Comware 7) - Version: R2422P02**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n + **HSR6600 (Comware 7) - Version: R7103P07**\n * HP Network Products\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n + **HSR6800 (Comware 7) - Version: R7103P07**\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing\n - JH075A HP HSR6800 RSE-X3 Router Main Processing Unit\n + **1950 (Comware 7) - Version: R3111P03**\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n + **7500 (Comware 7) - Version: R7178**\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n + **5130HI - Version: R1118P02**\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n + **5510HI - Version: R1118P02**\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 21 September 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-15:25.ntp Security Advisory\n The FreeBSD Project\n\nTopic: Multiple vulnerabilities of ntp\n\nCategory: contrib\nModule: ntp\nAnnounced: 2015-10-26\nCredits: Network Time Foundation\nAffects: All supported versions of FreeBSD. \nCorrected: 2015-10-26 11:35:40 UTC (stable/10, 10.2-STABLE)\n 2015-10-26 11:36:55 UTC (releng/10.2, 10.2-RELEASE-p6)\n 2015-10-26 11:37:31 UTC (releng/10.1, 10.1-RELEASE-p23)\n 2015-10-26 11:36:40 UTC (stable/9, 9.3-STABLE)\n 2015-10-26 11:42:25 UTC (releng/9.3, 9.3-RELEASE-p29)\nCVE Name: CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704,\n CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851,\n CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855,\n CVE-2015-7871\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit https://security.FreeBSD.org/. \n\nI. \n\nII. Problem Description\n\nCrypto-NAK packets can be used to cause ntpd(8) to accept time from an\nunauthenticated ephemeral symmetric peer by bypassing the authentication\nrequired to mobilize peer associations. [CVE-2015-7871] FreeBSD 9.3 and\n10.1 are not affected. \n\nIf ntpd(8) is fed a crafted mode 6 or mode 7 packet containing an unusual\nlong data value where a network address is expected, the decodenetnum()\nfunction will abort with an assertion failure instead of simply returning\na failure condition. [CVE-2015-7855]\n\nIf ntpd(8) is configured to allow remote configuration, and if the\n(possibly spoofed) source IP address is allowed to send remote\nconfiguration requests, and if the attacker knows the remote\nconfiguration password or if ntpd(8) was configured to disable\nauthentication, then an attacker can send a set of packets to ntpd(8) that\nmay cause it to crash, with the hypothetical possibility of a small code\ninjection. [CVE-2015-7854]\n\nA negative value for the datalen parameter will overflow a data buffer. \nNTF\u0027s ntpd(8) driver implementations always set this value to 0 and are\ntherefore not vulnerable to this weakness. If you are running a custom\nrefclock driver in ntpd(8) and that driver supplies a negative value for\ndatalen (no custom driver of even minimal competence would do this)\nthen ntpd would overflow a data buffer. It is even hypothetically\npossible in this case that instead of simply crashing ntpd the\nattacker could effect a code injection attack. [CVE-2015-7853]\n\nIf an attacker can figure out the precise moment that ntpq(8) is listening\nfor data and the port number it is listening on or if the attacker can\nprovide a malicious instance ntpd(8) that victims will connect to then an\nattacker can send a set of crafted mode 6 response packets that, if\nreceived by ntpq(8), can cause ntpq(8) to crash. [CVE-2015-7852]\n\nIf ntpd(8) is configured to allow remote configuration, and if the\n(possibly spoofed) IP address is allowed to send remote configuration\nrequests, and if the attacker knows the remote configuration password\nor if ntpd(8) was configured to disable authentication, then an attacker\ncan send a set of packets to ntpd that may cause ntpd(8) to overwrite\nfiles. [CVE-2015-7851]. The default configuration of ntpd(8) within\nFreeBSD does not allow remote configuration. \n\nIf ntpd(8) is configured to allow remote configuration, and if the\n(possibly spoofed) source IP address is allowed to send remote\nconfiguration requests, and if the attacker knows the remote\nconfiguration password or if ntpd(8) was configured to disable\nauthentication, then an attacker can send a set of packets to ntpd\nthat will cause it to crash and/or create a potentially huge log\nfile. Specifically, the attacker could enable extended logging,\npoint the key file at the log file, and cause what amounts to an\ninfinite loop. [CVE-2015-7850]. The default configuration of ntpd(8)\nwithin FreeBSD does not allow remote configuration. \n\nIf ntpd(8) is configured to allow remote configuration, and if the\n(possibly spoofed) source IP address is allowed to send remote\nconfiguration requests, and if the attacker knows the remote\nconfiguration password or if ntpd was configured to disable\nauthentication, then an attacker can send a set of packets to\nntpd that may cause a crash or theoretically perform a code\ninjection attack. [CVE-2015-7849]. The default configuration of ntpd(8)\nwithin FreeBSD does not allow remote configuration. \n\nIf ntpd(8) is configured to enable mode 7 packets, and if the use\nof mode 7 packets is not properly protected thru the use of the\navailable mode 7 authentication and restriction mechanisms, and\nif the (possibly spoofed) source IP address is allowed to send\nmode 7 queries, then an attacker can send a crafted packet to\nntpd that will cause it to crash. [CVE-2015-7848]. The default\nconfiguration of ntpd(8) within FreeBSD does not allow mode 7\npackets. \n\nIf ntpd(8) is configured to use autokey, then an attacker can send\npackets to ntpd that will, after several days of ongoing attack,\ncause it to run out of memory. [CVE-2015-7701]. The default\nconfiguration of ntpd(8) within FreeBSD does not use autokey. \n\nIf ntpd(8) is configured to allow for remote configuration, and if\nthe (possibly spoofed) source IP address is allowed to send\nremote configuration requests, and if the attacker knows the\nremote configuration password, it\u0027s possible for an attacker\nto use the \"pidfile\" or \"driftfile\" directives to potentially\noverwrite other files. [CVE-2015-5196]. The default configuration\nof ntpd(8) within FreeBSD does not allow remote configuration\n\nAn ntpd(8) client that honors Kiss-of-Death responses will honor\nKoD messages that have been forged by an attacker, causing it\nto delay or stop querying its servers for time updates. Also,\nan attacker can forge packets that claim to be from the target\nand send them to servers often enough that a server that\nimplements KoD rate limiting will send the target machine a\nKoD response to attempt to reduce the rate of incoming packets,\nor it may also trigger a firewall block at the server for\npackets from the target machine. For either of these attacks\nto succeed, the attacker must know what servers the target\nis communicating with. An attacker can be anywhere on the\nInternet and can frequently learn the identity of the target\u0027s\ntime source by sending the target a time query. [CVE-2015-7704]\n\nThe fix for CVE-2014-9750 was incomplete in that there were\ncertain code paths where a packet with particular autokey\noperations that contained malicious data was not always being\ncompletely validated. Receipt of these packets can cause ntpd\nto crash. [CVE-2015-7702]. The default configuration of ntpd(8)\nwithin FreeBSD does not use autokey. \n\nIII. Impact\n\nAn attacker which can send NTP packets to ntpd(8), which uses cryptographic\nauthentication of NTP data, may be able to inject malicious time data\ncausing the system clock to be set incorrectly. [CVE-2015-7871]\n\nAn attacker which can send NTP packets to ntpd(8), can block the\ncommunication of the daemon with time servers, causing the system\nclock not being synchronized. [CVE-2015-7704]\n\nAn attacker which can send NTP packets to ntpd(8), can remotely crash\nthe daemon, sending malicious data packet. [CVE-2015-7855] [CVE-2015-7854]\n[CVE-2015-7853] [CVE-2015-7852] [CVE-2015-7849] [CVE-2015-7848]\n\nAn attacker which can send NTP packets to ntpd(8), can remotely\ntrigger the daemon to overwrite its configuration files. [CVE-2015-7851]\n[CVE-2015-5196]\n\nIV. Workaround\n\nNo workaround is available, but systems not running ntpd(8) are not\naffected. Network administrators are advised to implement BCP-38,\nwhich helps to reduce risk associated with the attacks. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nThe ntpd service has to be restarted after the update. A reboot is\nrecommended but not required. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nThe ntpd service has to be restarted after the update. A reboot is\nrecommended but not required. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.2]\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.bz2\n# bunzip2 ntp-102.patch.bz2\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.asc\n# gpg --verify ntp-102.patch.asc\n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.bz2\n# bunzip2 ntp-101.patch.bz2\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.asc\n# gpg --verify ntp-101.patch.asc\n\n[FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.bz2\n# bunzip2 ntp-93.patch.bz2\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.asc\n# gpg --verify ntp-93.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# find contrib/ntp -type f -empty -delete\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in https://www.FreeBSD.org/handbook/makeworld.html. \n\nd) For 9.3-RELEASE and 10.1-RELEASE an update to /etc/ntp.conf is recommended,\nwhich can be done with help of the mergemaster(8) tool on 9.3-RELEASE and\nwith help of the etcupdate(8) tool on 10.1-RELEASE. \n\nRestart the ntpd(8) daemon, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/9/ r289998\nreleng/9.3/ r290001\nstable/10/ r289997\nreleng/10.1/ r290000\nreleng/10.2/ r289999\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\nhttps://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\n\nVII. References\n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7703\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871\n\nThe latest revision of this advisory is available at\nhttps://security.FreeBSD.org/advisories/FreeBSD-SA-15:25.ntp.asc\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIcBAEBAgAGBQJWLhOJAAoJEO1n7NZdz2rn91wP/2GwEt1boNQq2a7nYzv/mS5D\nsYKkIi7o+2yr2BLXvtc3O7c9QC3/YeGsza9DTRqndcY572SWvRgtkFstMTTm8IV/\nRVlIE40gVR3tex0zo7BiD7uKUrxWxWcpwMbE5dzlE+vSybyyj0dSSkwUHJjrbJoA\nRmyNuEEUhQn5sRCg6qJv/PLp2G7BcYAasKScukjm7QnLP2kq/tvM9mcqwfh2tadM\n7kbf8uq+ykvsRzctaDnxQaB5+zJxBQYJjBelxQfIkNek0XGfdj3sRwISeFznbllq\nmOLTIBaFiuEtHtusO7MKKavMgS5CQJOvuuvd/l3NY1MnxC6X/1SWig9KIKDIn/hv\nq8dsnq7LLx+tO6Cv4Dub7EbC2ZP3xXGOC4Ie02z8bTZnbX7iwyPUidQQqtU9ra15\nrxzFcZnBxu+yyMNJVsV2qVV/r9OycgKxWlEELC1wYrK9fKfvLdA5aEGjDeU1Z+s6\nJS2zKr0t4F2bMrCsjYP1lQD8sHkCVjwJk+IJU/slcwSajDjBNlMH0yBxGYE1ETIZ\nqMF7/PAkLe8V78pdYmXw9pcaPyhI+ihPLnNrdhX8AI2RX5jDK7IuUNJeUM04UrVB\n8N+mMwgamcuCPWNNyXaL0bz21fexZOuhHmU+B8Yn3SFX5O5b/r9gGvrjo8ei8jOk\nEUlBT3ViDhHNrI7PTaiI\n=djPm\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-2783-1\nOctober 27, 2015\n\nntp vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.10\n- Ubuntu 15.04\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in NTP. (CVE-2015-5146)\n\nMiroslav Lichvar discovered that NTP incorrectly handled logconfig\ndirectives. (CVE-2015-5194)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain statistics\ntypes. (CVE-2015-5195)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain file\npaths. Cohen, and Sharon Goldberg discovered that NTP\nincorrectly handled restarting after hitting a panic threshold. \n(CVE-2015-7691, CVE-2015-7692, CVE-2015-7702)\n\nIt was discovered that NTP incorrectly handled memory when processing\ncertain autokey messages. Cohen, and Sharon Goldberg discovered that NTP\nincorrectly handled rate limiting. A remote attacker could possibly use\nthis issue to cause clients to stop updating their clock. (CVE-2015-7704,\nCVE-2015-7705)\n\nYves Younan discovered that NTP incorrectly handled logfile and keyfile\ndirectives. (CVE-2015-7850)\n\nYves Younan and Aleksander Nikolich discovered that NTP incorrectly handled\nascii conversion. (CVE-2015-7852)\n\nYves Younan discovered that NTP incorrectly handled reference clock memory. \nA malicious refclock could possibly use this issue to cause NTP to crash,\nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2015-7853)\n\nJohn D \"Doug\" Birdwell discovered that NTP incorrectly handled decoding\ncertain bogus values. (CVE-2015-7855)\n\nStephen Gray discovered that NTP incorrectly handled symmetric association\nauthentication. (CVE-2015-7871)\n\nIn the default installation, attackers would be isolated by the NTP\nAppArmor profile. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.10:\n ntp 1:4.2.6.p5+dfsg-3ubuntu8.1\n\nUbuntu 15.04:\n ntp 1:4.2.6.p5+dfsg-3ubuntu6.2\n\nUbuntu 14.04 LTS:\n ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5\n\nUbuntu 12.04 LTS:\n ntp 1:4.2.6.p3+dfsg-1ubuntu3.6\n\nIn general, a standard system update will make all the necessary changes. \n\nOn October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server\u0027s advertised time. \n\nWorkarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details. \n\nCVE-2015-5194\n\n It was found that ntpd could crash due to an uninitialized\n variable when processing malformed logconfig configuration\n commands. \n\nCVE-2015-5195\n\n It was found that ntpd exits with a segmentation fault when a\n statistics type that was not enabled during compilation (e.g. \n timingstats) is referenced by the statistics or filegen\n configuration command\n\nCVE-2015-5219\n\n It was discovered that sntp program would hang in an infinite loop\n when a crafted NTP packet was received, related to the conversion\n of the precision value in the packet to double. If the threshold is exceeded\n after that, ntpd will exit with a message to the system log. This\n option can be used with the -q and -x options. \n\n ntpd could actually step the clock multiple times by more than the\n panic threshold if its clock discipline doesn\u0027t have enough time to\n reach the sync state and stay there for at least one update. \n\n This is contrary to what the documentation says. Normally, the\n assumption is that an MITM attacker can step the clock more than the\n panic threshold only once when ntpd starts and to make a larger\n adjustment the attacker has to divide it into multiple smaller\n steps, each taking 15 minutes, which is slow. \n\nCVE-2015-7701\n\n A memory leak flaw was found in ntpd\u0027s CRYPTO_ASSOC. \n\nCVE-2015-7703\n\n Miroslav Lichvar of Red Hat found that the :config command can be\n used to set the pidfile and driftfile paths without any\n restrictions. A remote attacker could use this flaw to overwrite a\n file on the file system with a file containing the pid of the ntpd\n process (immediately) or the current estimated drift of the system\n clock (in hourly intervals). For example:\n\n ntpq -c \u0027:config pidfile /tmp/ntp.pid\u0027\n ntpq -c \u0027:config driftfile /tmp/ntp.drift\u0027\n\n In Debian ntpd is configured to drop root privileges, which limits\n the impact of this issue. \n\nCVE-2015-7704\n\n If ntpd as an NTP client receives a Kiss-of-Death (KoD) packet\n from the server to reduce its polling rate, it doesn\u0027t check if the\n originate timestamp in the reply matches the transmit timestamp from\n its request. A\n specially crafted configuration file could cause an endless loop\n resulting in a denial of service. \n\nCVE-2015-7852\n\n A potential off by one vulnerability exists in the cookedprint\n functionality of ntpq. A specially crafted buffer could cause a\n buffer overflow potentially resulting in null byte being written out\n of bounds. \n\nCVE-2015-7871\n\n An error handling logic error exists within ntpd that manifests due\n to improper error condition handling associated with certain\n crypto-NAK packets. An unauthenticated, off-path attacker can force\n ntpd processes on targeted servers to peer with time sources of the\n attacker\u0027s choosing by transmitting symmetric active crypto-NAK\n packets to ntpd. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 1:4.2.6.p5+dfsg-2+deb7u6. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1:4.2.6.p5+dfsg-7+deb8u1. \n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1:4.2.8p4+dfsg-3. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:4.2.8p4+dfsg-3. \n\nWe recommend that you upgrade your ntp packages. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz: Upgraded. \n In addition to bug fixes and enhancements, this release fixes\n several low and medium severity vulnerabilities. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p4-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p4-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p4-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p4-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p4-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p4-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p4-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\n21dd14178fea17a88c9326c8672ecefd ntp-4.2.8p4-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n8647479b2007b92ff8598184f2275263 ntp-4.2.8p4-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\ne0f122e8e271dc84db06202c03cc0288 ntp-4.2.8p4-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\ndb0aff04b72b3d8c96ca8c8e1ed36c05 ntp-4.2.8p4-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n5914e43e886e5ff88fefd30083493e30 ntp-4.2.8p4-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n4335c3bf2ae24afc5ad734e8d80b3e94 ntp-4.2.8p4-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n39b05698797b638b67130e0b170e0a4b ntp-4.2.8p4-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ndcf4a56ba1d013ee1c9d0e624e158709 ntp-4.2.8p4-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n1fd3a7beaf23303e2c211af377662614 ntp-4.2.8p4-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n438c3185aa8ec20d1c2b5e51786e4d41 ntp-4.2.8p4-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n81bfb2fed450cb26a51b5e1cee0d33ed n/ntp-4.2.8p4-i586-1.txz\n\nSlackware x86_64 -current package:\n8bae4ad633af40d4d54b7686e4b225f9 n/ntp-4.2.8p4-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg ntp-4.2.8p4-i486-1_slack14.1.txz\n\nThen, restart the NTP daemon:\n\n# sh /etc/rc.d/rc.ntpd restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7704"
},
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"db": "BID",
"id": "77280"
},
{
"db": "BID",
"id": "92012"
},
{
"db": "VULMON",
"id": "CVE-2015-7704"
},
{
"db": "PACKETSTORM",
"id": "134093"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "138803"
},
{
"db": "PACKETSTORM",
"id": "134082"
},
{
"db": "PACKETSTORM",
"id": "136864"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "PACKETSTORM",
"id": "134162"
},
{
"db": "PACKETSTORM",
"id": "134137"
}
],
"trust": 3.78
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7704",
"trust": 3.7
},
{
"db": "CERT/CC",
"id": "VU#718152",
"trust": 3.6
},
{
"db": "BID",
"id": "77280",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1033951",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10284",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU91176422",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007700",
"trust": 0.8
},
{
"db": "MCAFEE",
"id": "SB10164",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201510-585",
"trust": 0.6
},
{
"db": "JUNIPER",
"id": "JSA10711",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "BID",
"id": "92012",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-15-356-01",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7704",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134093",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137992",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134082",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136864",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134102",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134162",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134137",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "VULMON",
"id": "CVE-2015-7704"
},
{
"db": "BID",
"id": "77280"
},
{
"db": "BID",
"id": "92012"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"db": "PACKETSTORM",
"id": "134093"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "138803"
},
{
"db": "PACKETSTORM",
"id": "134082"
},
{
"db": "PACKETSTORM",
"id": "136864"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "PACKETSTORM",
"id": "134162"
},
{
"db": "PACKETSTORM",
"id": "134137"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-585"
},
{
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"id": "VAR-201708-1547",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33987721
},
"last_update_date": "2024-07-23T21:56:47.739000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBHF03646",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05270839"
},
{
"title": "Bug 2901",
"trust": 0.8,
"url": "http://bugs.ntp.org/show_bug.cgi?id=2901"
},
{
"title": "Bug 1271070",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271070"
},
{
"title": "NTP Bug 2901",
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/main/ntpbug2901"
},
{
"title": "October 2015 NTP-4.2.8p4 Security Vulnerability Announcement (Medium)",
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/main/securitynotice#october_2015_ntp_4_2_8p4_securit"
},
{
"title": "NTP Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=119777"
},
{
"title": "Red Hat: Important: ntp security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152520 - security advisory"
},
{
"title": "Red Hat: CVE-2015-7704",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-7704"
},
{
"title": "Amazon Linux AMI: ALAS-2015-607",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2015-607"
},
{
"title": "Ubuntu Security Notice: ntp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2783-1"
},
{
"title": "Citrix Security Bulletins: Citrix XenServer Multiple Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=089f3f781342f5003697826b78ce46a9"
},
{
"title": "Debian Security Advisories: DSA-3388-1 ntp -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=61fe4252a877d02aaea1c931efa0a305"
},
{
"title": "Symantec Security Advisories: SA103 : October 2015 NTP Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=f5e05389a60d3a56f2a0ad0ec21579d9"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
},
{
"title": "Cisco: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151021-ntp"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7704"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-585"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"trust": 2.1,
"url": "https://www.cs.bu.edu/~goldbe/ntpattack.html"
},
{
"trust": 2.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1930.html"
},
{
"trust": 2.0,
"url": "https://support.citrix.com/article/ctx220112"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"trust": 1.7,
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271070"
},
{
"trust": 1.7,
"url": "http://support.ntp.org/bin/view/main/securitynotice#october_2015_ntp_4_2_8p4_securit"
},
{
"trust": 1.7,
"url": "http://support.ntp.org/bin/view/main/ntpbug2901"
},
{
"trust": 1.7,
"url": "http://bugs.ntp.org/show_bug.cgi?id=2901"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05270839"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/77280"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033951"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2015/dsa-3388"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2015-2520.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10284"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7704"
},
{
"trust": 1.6,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7704"
},
{
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/main/securitynotice#april_2016_ntp_4_2_8p7_security"
},
{
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/main/securitynotice#january_2016_ntp_4_2_8p6_securit"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91176422/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7871"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7855"
},
{
"trust": 0.6,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 0.6,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10164"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7702"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7852"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7701"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7850"
},
{
"trust": 0.5,
"url": "http://support.ntp.org/bin/view/main/securitynotice#recent_vulnerabilities"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7705"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7703"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7691"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7853"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7692"
},
{
"trust": 0.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151021-ntp"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05270839"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7848"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7849"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7854"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7851"
},
{
"trust": 0.3,
"url": "https://github.com/ntp-project/ntp/blob/stable/news#l295"
},
{
"trust": 0.3,
"url": "http://www.ntp.org"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10711"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160428-ntpd"
},
{
"trust": 0.3,
"url": "http://learn.extremenetworks.com/rs/641-vmv-602/images/vn-2015-009_multiple_ntp_vulnerabilities.pdf"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/oct/113"
},
{
"trust": 0.3,
"url": "isg3t1023874"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023885"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024073"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023874"
},
{
"trust": 0.3,
"url": "http://support.ntp.org/bin/view/main/ntpbug2952"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981747"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099260"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005821"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980676"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983501"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021264"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5300"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8138"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1547"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7702"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7851"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7701"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7855"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7852"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7850"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7854"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7849"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7853"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7871"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7848"
},
{
"trust": 0.2,
"url": "http://slackware.com"
},
{
"trust": 0.2,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.2,
"url": "http://osuosl.org)"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5219"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5194"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5146"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5195"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5196"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9750"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2015:2520"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-356-01"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2783-1/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-5300"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-7704"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7702"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7978"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2516"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7973"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7979"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4956"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7853"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7691"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4957"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7855"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4955"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7705"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2517"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1547"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7854"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2519"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7850"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7692"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4953"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7975"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7976"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-93.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:25.ntp.asc"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-102.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/."
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-93.patch.bz2"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7703"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-101.patch.bz2"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-101.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-102.patch.bz2"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2516"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1551"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1548"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2519"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2516"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2517"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2519"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1550"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1547"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2518"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1549"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1551"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1550"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2518"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2517"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1548"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1549"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2783-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu8.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu6.2"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "http://talosintel.com/vulnerability-reports/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9751"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3405"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7705"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7691"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9750"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7692"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "VULMON",
"id": "CVE-2015-7704"
},
{
"db": "BID",
"id": "77280"
},
{
"db": "BID",
"id": "92012"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"db": "PACKETSTORM",
"id": "134093"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "138803"
},
{
"db": "PACKETSTORM",
"id": "134082"
},
{
"db": "PACKETSTORM",
"id": "136864"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "PACKETSTORM",
"id": "134162"
},
{
"db": "PACKETSTORM",
"id": "134137"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-585"
},
{
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "VULMON",
"id": "CVE-2015-7704"
},
{
"db": "BID",
"id": "77280"
},
{
"db": "BID",
"id": "92012"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"db": "PACKETSTORM",
"id": "134093"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "138803"
},
{
"db": "PACKETSTORM",
"id": "134082"
},
{
"db": "PACKETSTORM",
"id": "136864"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "PACKETSTORM",
"id": "134162"
},
{
"db": "PACKETSTORM",
"id": "134137"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-585"
},
{
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-27T00:00:00",
"db": "CERT/CC",
"id": "VU#718152"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7704"
},
{
"date": "2015-10-21T00:00:00",
"db": "BID",
"id": "77280"
},
{
"date": "2016-07-19T00:00:00",
"db": "BID",
"id": "92012"
},
{
"date": "2017-09-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"date": "2015-10-27T03:38:46",
"db": "PACKETSTORM",
"id": "134093"
},
{
"date": "2016-07-21T15:56:23",
"db": "PACKETSTORM",
"id": "137992"
},
{
"date": "2016-09-21T17:24:00",
"db": "PACKETSTORM",
"id": "138803"
},
{
"date": "2015-10-26T19:32:22",
"db": "PACKETSTORM",
"id": "134082"
},
{
"date": "2016-05-02T21:38:58",
"db": "PACKETSTORM",
"id": "136864"
},
{
"date": "2015-10-27T23:30:50",
"db": "PACKETSTORM",
"id": "134102"
},
{
"date": "2015-10-21T19:22:22",
"db": "PACKETSTORM",
"id": "134034"
},
{
"date": "2015-11-02T16:48:39",
"db": "PACKETSTORM",
"id": "134162"
},
{
"date": "2015-10-30T23:22:57",
"db": "PACKETSTORM",
"id": "134137"
},
{
"date": "2015-10-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-585"
},
{
"date": "2017-08-07T20:29:00.683000",
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-28T00:00:00",
"db": "CERT/CC",
"id": "VU#718152"
},
{
"date": "2020-06-18T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7704"
},
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "77280"
},
{
"date": "2016-11-24T01:13:00",
"db": "BID",
"id": "92012"
},
{
"date": "2017-09-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007700"
},
{
"date": "2021-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-585"
},
{
"date": "2021-11-17T22:15:44.397000",
"db": "NVD",
"id": "CVE-2015-7704"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "134093"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-585"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NTP.org ntpd contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#718152"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-585"
}
],
"trust": 0.6
}
}
VAR-201406-0445
Vulnerability from variot - Updated: 2024-07-23 21:30OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. OpenSSL is prone to security-bypass vulnerability. Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks. Versions prior to OpenSSL 1.0.1 and 1.0.2-beta1 are vulnerable.
HP Connect IT / HP SPM CIT - 9.5x Please install: HP Connect IT 9.53.P2
For Windows http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00070
For Linux http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00071
For AIX http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00072
For HPUX http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00073
For Solaris http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00074
HP Connect IT / HP SPM CIT - 9.4x Please install: HP Connect IT 9.40.P1
For windows(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00075
For Linux(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00076
For AIX(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00077
For HPUX(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00078
For Solaris(en) http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00079
HP Connect IT / HP SPM AM 5.2x Please install: HP Connect IT 9.41.P1
HISTORY Version:1 (rev.1) - 19 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. ============================================================================ Ubuntu Security Notice USN-2232-3 June 23, 2014
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
USN-2232-1 introduced a regression in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem.
Original advisory details:
J=C3=BCri Aedla discovered that OpenSSL incorrectly handled invalid DTLS fragments. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0195) Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2014-0221) KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain handshakes. (CVE-2014-0224) Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled anonymous ECDH ciphersuites. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-3470)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.4
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.6
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.16
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.19
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2232-3 http://www.ubuntu.com/usn/usn-2232-1 https://launchpad.net/bugs/1332643
Package Information: https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4 https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6 https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16 https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201407-05
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: July 27, 2014 Bugs: #512506 ID: 201407-05
Synopsis
Multiple vulnerabilities have been found in OpenSSL, possibly allowing remote attackers to execute arbitrary code.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.1h-r1 >= 0.9.8z_p5 >= 0.9.8z_p4 >= 0.9.8z_p1 >= 0.9.8z_p3 >= 0.9.8z_p2 >= 1.0.0m >= 1.0.1h-r1
Description
Multiple vulnerabilities have been discovered in OpenSSL.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1h-r1"
References
[ 1 ] CVE-2010-5298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298 [ 2 ] CVE-2014-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195 [ 3 ] CVE-2014-0198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198 [ 4 ] CVE-2014-0221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221 [ 5 ] CVE-2014-0224 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224 [ 6 ] CVE-2014-3470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470 [ 7 ] OpenSSL Security Advisory [05 Jun 2014] http://www.openssl.org/news/secadv_20140605.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201407-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . The bulletin does not apply to any other 3rd party application (e.g. operating system, web server, or application server) that may be required to be installed by the customer according instructions in the product install guide. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04347622
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04347622 Version: 1
HPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network Products including H3C and 3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-06-20 Last Updated: 2014-06-20
Potential Security Impact: Remote Denial of Service (DoS), code execution, unauthorized access, modification of information, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC), HP Network Products including 3COM and H3C routers and switches running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information.
References:
CVE-2010-5298 Remote Denial of Service (DoS) or Modification of Information CVE-2014-0198 Remote Unauthorized Access (only iMC impacted) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information SSRT101561 Note: All products listed are impacted by CVE-2014-0224 . iMC is also impacted by CVE-2014-0198 and CVE-2010-5298
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION section below for a list of impacted products.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION On June 5th 2014, OpenSSL.org issued an advisory with several CVE vulnerabilities. HP Networking is working to release fixes for these vulnerabilities that impact the products in the table below. As fixed software is made available, this security bulletin will be updated to show the fixed versions. Until the software fixes are available, HP Networking is providing the following information including possible workarounds to mitigate the risks of these vulnerabilities.
Description
The most serious issue reported is CVE-2014-0224 and it is the one discussed here. To take advantage CVE-2014-0224, an attacker must:
be in between the OpenSSL client and OpenSSL server. be capable of intercepting and modifying packets between the OpenSSL client and OpenSSL server in real time.
Workarounds
HP Networking equipment is typically deployed inside firewalls and access to management interfaces and other protocols is more tightly controlled than in public environments. This deployment and security restrictions help to reduce the possibility of an attacker being able to intercept both OpenSSL client and OpenSSL server traffic.
Following the guidelines in the Hardening Comware-based devices can help to further reduce man-in-the-middle opportunities:
http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=c03536 920
For an HP Networking device acting as an OpenSSL Server, using a patched OpenSSL client or non-OpenSSL client eliminates the risk. As an example, most modern web browsers do not use the OpenSSL client and the sessions between the HP Networking OpenSSL server and the non-OpenSSL client are not at risk for this attack. For HP Networking Equipment that is using an OpenSSL client, patching the OpenSSL server will eliminate the risk of this attack.
Protocol Notes
The following details the protocols that use OpenSSL in Comware v5 and Comware v7:
Comware V7:
Server:
FIPS/HTTPS/Load Balancing/Session Initiation Protocol
Client:
Load Balancing/OpenFlow/Session Initiation Protocol/State Machine Based Anti-Spoofing/Dynamic DNS
Comware V5:
Server:
CAPWAP/EAP/SSLVPN
Client:
Dynamic DNS
Family Fixed Version HP Branded Products Impacted H3C Branded Products Impacted 3Com Branded Products Impacted
12900 Switch Series Fix in progress use mitigations JG619A HP FF 12910 Switch AC Chassis JG621A HP FF 12910 Main Processing Unit JG632A HP FF 12916 Switch AC Chassis JG634A HP FF 12916 Main Processing Unit
12500 Fix in progress use mitigations JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JC808A HP 12500 TAA Main Processing Unit H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
12500 (Comware v7) Fix in progress use mitigations JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JG497A HP 12500 MPU w/Comware V7 OS JG782A HP FF 12508E AC Switch Chassis JG783A HP FF 12508E DC Switch Chassis JG784A HP FF 12518E AC Switch Chassis JG785A HP FF 12518E DC Switch Chassis JG802A HP FF 12500E MPU H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
11900 Switch Series Fix in progress use mitigations JG608A HP FF 11908-V Switch Chassis JG609A HP FF 11900 Main Processing Unit
10500 Switch Series (Comware v5) Fix in progress use mitigations JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC614A HP 10500 Main Processing Unit JC748A HP 10512 Switch Chassis JG375A HP 10500 TAA Main Processing Unit JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis
10500 Switch Series (Comware v7) Fix in progress use mitigations JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis JG496A HP 10500 Type A MPU w/Comware v7 OS
9500E Fix in progress use mitigations JC124A HP A9508 Switch Chassis JC124B HP 9505 Switch Chassis JC125A HP A9512 Switch Chassis JC125B HP 9512 Switch Chassis JC474A HP A9508-V Switch Chassis JC474B HP 9508-V Switch Chassis H3C S9505E Routing-Switch Chassis (0235A0G6) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9512E Routing-Switch Chassis (0235A0G7) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9505E Chassis w/ Fans (0235A38P) H3C S9512E Chassis w/ Fans (0235A38R)
Router 8800 Fix in progress use mitigations JC147A HP A8802 Router Chassis JC147B HP 8802 Router Chassis JC148A HP A8805 Router Chassis JC148B HP 8805 Router Chassis JC149A HP A8808 Router Chassis JC149B HP 8808 Router Chassis JC150A HP A8812 Router Chassis JC150B HP 8812 Router Chassis JC141A HP 8802 Main Control Unit Module JC138A HP 8805/08/12 (1E) Main Cntrl Unit Mod JC137A HP 8805/08/12 (2E) Main Cntrl Unit Mod H3C SR8805 10G Core Router Chassis (0235A0G8) H3C SR8808 10G Core Router Chassis (0235A0G9) H3C SR8812 10G Core Router Chassis (0235A0GA) H3C SR8802 10G Core Router Chassis (0235A0GC) H3C SR8802 10G Core Router Chassis (0235A31B) H3C SR8805 10G Core Router Chassis (0235A31C) H3C SR8808 10G Core Router Chassis (0235A31D) H3C SR8812 10G Core Router Chassis (0235A31E)
7500 Switch Series Fix in progress use mitigations JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T JC697A HP A7502 TAA Main Processing Unit JC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE JC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE JC700A HP A7500 384 Gbps TAA Fabric / MPU JC701A HP A7510 768 Gbps TAA Fabric / MPU JD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports JD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports JD194A HP 384 Gbps Fabric A7500 Module JD194B HP 7500 384Gbps Fabric Module JD195A HP 7500 384Gbps Advanced Fabric Module JD196A HP 7502 Fabric Module JD220A HP 7500 768Gbps Fabric Module JD238A HP A7510 Switch Chassis JD238B HP 7510 Switch Chassis JD239A HP A7506 Switch Chassis JD239B HP 7506 Switch Chassis JD240A HP A7503 Switch Chassis JD240B HP 7503 Switch Chassis JD241A HP A7506 Vertical Switch Chassis JD241B HP 7506-V Switch Chassis JD242A HP A7502 Switch Chassis JD242B HP 7502 Switch Chassis JD243A HP A7503 Switch Chassis w/1 Fabric Slot JD243B HP 7503-S Switch Chassis w/1 Fabric Slot H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4) H3C S7503E Ethernet Switch Chassis with Fan (0235A0G2) H3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5) H3C S7506E Ethernet Switch Chassis with Fan (0235A0G1) H3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3) H3C S7510E Ethernet Switch Chassis with Fan (0235A0G0) H3C S7502E Chassis w/ fans (0235A29A) H3C S7503E Chassis w/ fans (0235A27R) H3C S7503E-S Chassis w/ fans (0235A33R) H3C S7506E Chassis w/ fans (0235A27Q) H3C S7506E-V Chassis w/ fans (0235A27S)
HSR6800 Fix in progress use mitigations JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6800 Russian Version Fix in progress use mitigations JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6602 Fix in progress use mitigations JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
HSR6602 Russian Version Fix in progress use mitigations JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
A6600 Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
A6600 Russian Version Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP Russian Version Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
5920 Switch Series Fix in progress use mitigations JG296A HP 5920AF-24XG Switch JG555A HP 5920AF-24XG TAA Switch
5900 Switch Series Fix in progress use mitigations JC772A HP 5900AF-48XG-4QSFP+ Switch JG336A HP 5900AF-48XGT-4QSFP+ Switch JG510A HP 5900AF-48G-4XG-2QSFP+ Switch JG554A HP 5900AF-48XG-4QSFP+ TAA Switch JG838A HP FF 5900CP-48XG-4QSFP+ Switch
5900 Virtual Switch Fix in progress use mitigations JG814AAE HP Virtual Switch 5900v VMware E-LTU JG815AAE HP VSO SW for 5900v VMware E-LTU
5830 Switch Series Fix in progress use mitigations JC691A HP A5830AF-48G Switch w/1 Interface Slot JC694A HP A5830AF-96G Switch JG316A HP 5830AF-48G TAA Switch w/1 Intf Slot JG374A HP 5830AF-96G TAA Switch
5820 Switch Series Fix in progress use mitigations JC102A HP 5820-24XG-SFP+ Switch JC106A HP 5820-14XG-SFP+ Switch with 2 Slots JG219A HP 5820AF-24XG Switch JG243A HP 5820-24XG-SFP+ TAA-compliant Switch JG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media modules Plus OSM (0235A37L) H3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T (RJ45) (0235A370)
5800 Switch Series Fix in progress use mitigations JC099A HP 5800-24G-PoE Switch JC100A HP 5800-24G Switch JC101A HP 5800-48G Switch with 2 Slots JC103A HP 5800-24G-SFP Switch JC104A HP 5800-48G-PoE Switch JC105A HP 5800-48G Switch JG225A HP 5800AF-48G Switch JG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots JG254A HP 5800-24G-PoE+ TAA-compliant Switch JG255A HP 5800-24G TAA-compliant Switch JG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt JG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot JG258A HP 5800-48G TAA Switch w 1 Intf Slot H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot (0235A36U) H3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP Plus ) Plus 1 media module PoE (0235A36S) H3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus media module (no power) (0235A374) H3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus ) Plus media module (0235A379) H3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module (0235A378) H3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM (0235A36W)
5500 HI Switch Series Fix in progress use mitigations JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch JG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch JG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt JG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt JG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt JG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt JG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt JG681A HP 5500-24G-SFP HI TAA Swch w/2Slt
5500 EI Switch Series Fix in progress use mitigations JD373A HP 5500-24G DC EI Switch JD374A HP 5500-24G-SFP EI Switch JD375A HP 5500-48G EI Switch JD376A HP 5500-48G-PoE EI Switch JD377A HP 5500-24G EI Switch JD378A HP 5500-24G-PoE EI Switch JD379A HP 5500-24G-SFP DC EI Switch JG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts JG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts JG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts JG250A HP 5500-24G EI TAA Switch w 2 Intf Slts JG251A HP 5500-48G EI TAA Switch w 2 Intf Slts JG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts JG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts H3C S5500-28C-EI Ethernet Switch (0235A253) H3C S5500-28F-EI Eth Switch AC Single (0235A24U) H3C S5500-52C-EI Ethernet Switch (0235A24X) H3C S5500-28C-EI-DC Ethernet Switch (0235A24S) H3C S5500-28C-PWR-EI Ethernet Switch (0235A255) H3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259) H3C S5500-52C-PWR-EI Ethernet Switch (0235A251)
5500 SI Switch Series Fix in progress use mitigations JD369A HP 5500-24G SI Switch JD370A HP 5500-48G SI Switch JD371A HP 5500-24G-PoE SI Switch JD372A HP 5500-48G-PoE SI Switch JG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts JG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts H3C S5500-28C-SI Ethernet Switch (0235A04U) H3C S5500-52C-SI Ethernet Switch (0235A04V) H3C S5500-28C-PWR-SI Ethernet Switch (0235A05H) H3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)
5120 EI Switch Series Fix in progress use mitigations JE066A HP 5120-24G EI Switch JE067A HP 5120-48G EI Switch JE068A HP 5120-24G EI Switch with 2 Slots JE069A HP 5120-48G EI Switch with 2 Slots JE070A HP 5120-24G-PoE EI Switch with 2 Slots JE071A HP 5120-48G-PoE EI Switch with 2 Slots JG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts JG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts JG245A HP 5120-24G EI TAA Switch w 2 Intf Slts JG246A HP 5120-48G EI TAA Switch w 2 Intf Slts JG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts JG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ) H3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS) H3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR) H3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT) H3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU) H3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)
5120 SI switch Series Fix in progress use mitigations JE072A HP 5120-48G SI Switch JE073A HP 5120-16G SI Switch JE074A HP 5120-24G SI Switch JG091A HP 5120-24G-PoE+ (370W) SI Switch JG092A HP 5120-24G-PoE+ (170W) SI Switch H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W) H3C S5120-20P-SI L2 16GE Plus 4SFP (0235A42B) H3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D) H3C S5120-28P-HPWR-SI (0235A0E5) H3C S5120-28P-PWR-SI (0235A0E3)
4800 G Switch Series Fix in progress use mitigations JD007A HP 4800-24G Switch JD008A HP 4800-24G-PoE Switch JD009A HP 4800-24G-SFP Switch JD010A HP 4800-48G Switch JD011A HP 4800-48G-PoE Switch
3Com Switch 4800G 24-Port (3CRS48G-24-91) 3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91) 3Com Switch 4800G 48-Port (3CRS48G-48-91) 3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91) 3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)
4510G Switch Series Fix in progress use mitigations JF428A HP 4510-48G Switch JF847A HP 4510-24G Switch
3Com Switch 4510G 48 Port (3CRS45G-48-91) 3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91) 3Com Switch E4510-24G (3CRS45G-24-91)
4210G Switch Series Fix in progress use mitigations JF844A HP 4210-24G Switch JF845A HP 4210-48G Switch JF846A HP 4210-24G-PoE Switch
3Com Switch 4210-24G (3CRS42G-24-91) 3Com Switch 4210-48G (3CRS42G-48-91) 3Com Switch E4210-24G-PoE (3CRS42G-24P-91)
3610 Switch Series Fix in progress use mitigations JD335A HP 3610-48 Switch JD336A HP 3610-24-4G-SFP Switch JD337A HP 3610-24-2G-2G-SFP Switch JD338A HP 3610-24-SFP Switch H3C S3610-52P - model LS-3610-52P-OVS (0235A22C) H3C S3610-28P - model LS-3610-28P-OVS (0235A22D) H3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E) H3C S3610-28F - model LS-3610-28F-OVS (0235A22F)
3600 V2 Switch Series Fix in progress use mitigations JG299A HP 3600-24 v2 EI Switch JG300A HP 3600-48 v2 EI Switch JG301A HP 3600-24-PoE+ v2 EI Switch JG301B HP 3600-24-PoE+ v2 EI Switch JG302A HP 3600-48-PoE+ v2 EI Switch JG302B HP 3600-48-PoE+ v2 EI Switch JG303A HP 3600-24-SFP v2 EI Switch JG304A HP 3600-24 v2 SI Switch JG305A HP 3600-48 v2 SI Switch JG306A HP 3600-24-PoE+ v2 SI Switch JG306B HP 3600-24-PoE+ v2 SI Switch JG307A HP 3600-48-PoE+ v2 SI Switch JG307B HP 3600-48-PoE+ v2 SI Switch
3100V2 Fix in progress use mitigations JD313B HP 3100-24-PoE v2 EI Switch JD318B HP 3100-8 v2 EI Switch JD319B HP 3100-16 v2 EI Switch JD320B HP 3100-24 v2 EI Switch JG221A HP 3100-8 v2 SI Switch JG222A HP 3100-16 v2 SI Switch JG223A HP 3100-24 v2 SI Switch
3100V2-48 Fix in progress use mitigations JG315A HP 3100-48 v2 Switch
1910 Fix in progress use mitigations JE005A HP 1910-16G Switch JE006A HP 1910-24G Switch JE007A HP 1910-24G-PoE (365W) Switch JE008A HP 1910-24G-PoE(170W) Switch JE009A HP 1910-48G Switch JG348A HP 1910-8G Switch JG349A HP 1910-8G-PoE+ (65W) Switch JG350A HP 1910-8G-PoE+ (180W) Switch 3Com Baseline Plus Switch 2900 Gigabit Family - 52 port (3CRBSG5293) 3Com Baseline Plus Switch 2900G - 20 port (3CRBSG2093) 3Com Baseline Plus Switch 2900G - 28 port (3CRBSG2893) 3Com Baseline Plus Switch 2900G - 28HPWR (3CRBSG28HPWR93) 3Com Baseline Plus Switch 2900G - 28PWR (3CRBSG28PWR93)
1810v1 P2 Fix in progress use mitigations J9449A HP 1810-8G Switch J9450A HP 1810-24G Switch
1810v1 PK Fix in progress use mitigations J9660A HP 1810-48G Switch
MSR20 Fix in progress use mitigations JD432A HP A-MSR20-21 Multi-Service Router JD662A HP MSR20-20 Multi-Service Router JD663A HP MSR20-21 Multi-Service Router JD663B HP MSR20-21 Router JD664A HP MSR20-40 Multi-Service Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) H3C MSR 20-20 (0235A19H) H3C MSR 20-21 (0235A325) H3C MSR 20-40 (0235A19K) H3C MSR-20-21 Router (0235A19J)
MSR20-1X Fix in progress use mitigations JD431A HP MSR20-10 Router JD667A HP MSR20-15 IW Multi-Service Router JD668A HP MSR20-13 Multi-Service Router JD669A HP MSR20-13 W Multi-Service Router JD670A HP MSR20-15 A Multi-Service Router JD671A HP MSR20-15 AW Multi-Service Router JD672A HP MSR20-15 I Multi-Service Router JD673A HP MSR20-11 Multi-Service Router JD674A HP MSR20-12 Multi-Service Router JD675A HP MSR20-12 W Multi-Service Router JD676A HP MSR20-12 T1 Multi-Service Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router JG209A HP MSR20-12-T-W Router (NA) JG210A HP MSR20-13-W Router (NA) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) H3C MSR 20-10 (0235A0A7) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-11 (0235A31V) H3C MSR 20-12 (0235A32E) H3C MSR 20-12 T1 (0235A32B) H3C MSR 20-13 (0235A31W) H3C MSR 20-13 W (0235A31X) H3C MSR 20-15 A (0235A31Q) H3C MSR 20-15 A W (0235A31R) H3C MSR 20-15 I (0235A31N) H3C MSR 20-15 IW (0235A31P) H3C MSR20-12 W (0235A32G)
MSR30 Fix in progress use mitigations JD654A HP MSR30-60 POE Multi-Service Router JD657A HP MSR30-40 Multi-Service Router JD658A HP MSR30-60 Multi-Service Router JD660A HP MSR30-20 POE Multi-Service Router JD661A HP MSR30-40 POE Multi-Service Router JD666A HP MSR30-20 Multi-Service Router JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF232A HP RT-MSR3040-AC-OVS-AS-H3 JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S) H3C MSR 30-20 (0235A19L) H3C MSR 30-20 POE (0235A239) H3C MSR 30-40 (0235A20J) H3C MSR 30-40 POE (0235A25R) H3C MSR 30-60 (0235A20K) H3C MSR 30-60 POE (0235A25S) H3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)
MSR30-16 Fix in progress use mitigations JD659A HP MSR30-16 POE Multi-Service Router JD665A HP MSR30-16 Multi-Service Router JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) H3C MSR 30-16 (0235A237) H3C MSR 30-16 POE (0235A238)
MSR30-1X Fix in progress use mitigations JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) H3C RT-MSR3011-AC-OVS-H3 (0235A29L)
MSR50 Fix in progress use mitigations JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR5040-DC-OVS-H3C (0235A20P) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L)
MSR50-G2 Fix in progress use mitigations JD429A HP MSR50 G2 Processor Module JD429B HP MSR50 G2 Processor Module H3C H3C MSR 50 Processor Module-G2 (0231A84Q) H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD(0231A0KL)
MSR20 Russian version Fix in progress use mitigations JD663B HP MSR20-21 Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326)
MSR20-1X Russian version Fix in progress use mitigations JD431A HP MSR20-10 Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router H3C MSR 20-10 (0235A0A7) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)
MSR30 Russian version Fix in progress use mitigations JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)
MSR30-1X Russian version Fix in progress use mitigations JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C RT-MSR3011-AC-OVS-H3 (0235A29L) H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)
MSR30-16 Russian version Fix in progress use mitigations JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)
MSR50 Russian version Fix in progress use mitigations JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR 50 Processor Module (0231A791) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR5040-DC-OVS-H3C (0235A20P)
MSR50 G2 Russian version Fix in progress use mitigations JD429B HP MSR50 G2 Processor Module H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL)
MSR9XX Fix in progress use mitigations JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr JG207A HP MSR900-W Router (NA) JG208A HP MSR920-W Router (NA) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)
MSR9XX Russian version Fix in progress use mitigations JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)
MSR93X Fix in progress use mitigations JG511A HP MSR930 Router JG512A HP MSR930 Wireless Router JG513A HP MSR930 3G Router JG514A HP MSR931 Router JG515A HP MSR931 3G Router JG516A HP MSR933 Router JG517A HP MSR933 3G Router JG518A HP MSR935 Router JG519A HP MSR935 Wireless Router JG520A HP MSR935 3G Router JG531A HP MSR931 Dual 3G Router JG596A HP MSR930 4G LTE/3G CDMA Router JG597A HP MSR936 Wireless Router JG665A HP MSR930 4G LTE/3G WCDMA Global Router JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
MSR93X Russian version Fix in progress use mitigations JG511A HP MSR930 Router JG512A HP MSR930 Wireless Router JG513A HP MSR930 3G Router JG514A HP MSR931 Router JG515A HP MSR931 3G Router JG516A HP MSR933 Router JG517A HP MSR933 3G Router JG518A HP MSR935 Router JG519A HP MSR935 Wireless Router JG520A HP MSR935 3G Router JG531A HP MSR931 Dual 3G Router JG596A HP MSR930 4G LTE/3G CDMA Router JG597A HP MSR936 Wireless Router JG665A HP MSR930 4G LTE/3G WCDMA Global Router JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
MSR1000 Fix in progress use mitigations JG732A HP MSR1003-8 AC Router
MSR2000 Fix in progress use mitigations JG411A HP MSR2003 AC Router
MSR3000 Fix in progress use mitigations JG404A HP MSR3064 Router JG405A HP MSR3044 Router JG406A HP MSR3024 AC Router JG409A HP MSR3012 AC Router JG861A HP MSR3024 TAA-compliant AC Router
MSR4000 Fix in progress use mitigations JG402A HP MSR4080 Router Chassis JG403A HP MSR4060 Router Chassis JG412A HP MSR4000 MPU-100 Main Processing Unit
F5000 Fix in progress use mitigations JG216A HP F5000 Firewall Standalone Chassis JD259A HP A5000-A5 VPN Firewall Chassis H3C SecPath F5000-A5 Host System (0150A0AG)
U200S and CS Fix in progress use mitigations JD268A HP 200-CS UTM Appliance JD273A HP U200-S UTM Appliance H3C SecPath U200-S (0235A36N)
U200A and M Fix in progress use mitigations JD274A HP 200-M UTM Appliance JD275A HP U200-A UTM Appliance H3C SecPath U200-A (0235A36Q)
F1000A and S Fix in progress use mitigations JD270A HP S1000-S VPN Firewall Appliance JD271A HP S1000-A VPN Firewall Appliance JG213A HP F1000-S-EI VPN Firewall Appliance JG214A HP F1000-A-EI VPN Firewall Appliance
SecBlade FW Fix in progress use mitigations JC635A HP 12500 VPN Firewall Module JD245A HP 9500 VPN Firewall Module JD249A HP 10500/7500 Advanced VPN Firewall Mod JD250A HP 6600 Firewall Processing Rtr Module JD251A HP 8800 Firewall Processing Module JD255A HP 5820 VPN Firewall Module H3C S9500E SecBlade VPN Firewall Module (0231A0AV) H3C S7500E SecBlade VPN Firewall Module (0231A832) H3C SR66 Gigabit Firewall Module (0231A88A) H3C SR88 Firewall Processing Module (0231A88L) H3C S5820 SecBlade VPN Firewall Module (0231A94J)
F1000E Fix in progress use mitigations JD272A HP S1000-E VPN Firewall Appliance
VSR1000 Fix in progress use mitigations JG810AAE HP VSR1001 Virtual Services Router JG811AAE HP VSR1001 Virtual Services Router JG812AAE HP VSR1004 Virtual Services Router JG813AAE HP VSR1008 Virtual Services Router
WX5002/5004 Fix in progress use mitigations JD441A HP 5800 ACM for 64-256 APs JD447B HP WX5002 Access Controller JD448A HP A-WX5004 Access Controller JD448B HP WX5004 Access Controller JD469A HP A-WX5004 (3Com) Access Controller JG261A HP 5800 Access Controller OAA TAA Mod
HP 850/870 Fix in progress use mitigations JG723A HP 870 Unified Wired-WLAN Appliance JG725A HP 870 Unifd Wrd-WLAN TAA Applnc
HP 830 Fix in progress use mitigations JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch JG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch JG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch JG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch
HP 6000 Fix in progress use mitigations JG639A HP 10500/7500 20G Unified Wired-WLAN Mod JG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod
M220 Fix in progress use mitigations J9798A HP M220 802.11n AM Access Point J9799A HP M220 802.11n WW Access Point
NGFW Fix in progress use mitigations JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic JC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic JC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic JC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic JC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic
iMC UAM 7.0 Fix in progress use mitigations JD144A HP IMC UAM S/W Module w/200-User License JF388A HP IMC UAM S/W Module w/200-user License JD435A HP IMC EAD Client Software JF388AAE HP IMC UAM S/W Module w/200-user E-LTU JG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU
iMC EAD 7.0 Fix in progress use mitigations JF391AAE HP IMC EAD S/W Module w/200-user E-LTU JG754AAE HP IMC EAD SW Module w/ 50-user E-LTU JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License JF391A HP IMC EAD S/W Module w/200-user License
iMC PLAT 7.0 Fix in progress use mitigations JF377AAE HP IMC Standard Edition Software Platform with 100-node E-LTU JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU JG747AAE HP IMC Standard Software Platform with 50-node E-LTU JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU JD125A HP IMC Standard Edition Software Platform with 100-node License JD815A HP IMC Standard Edition Software Platform with 100-node License JD816A HP A-IMC Standard Edition Software DVD Media JF377A HP IMC Standard Edition Software Platform with 100-node License JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU TJ635AAE HP IMC for ANM 50 node pack SW E-LTU (On HP Softwares CPL not HPNs) JF378AAE HP IMC Enterprise Edition Software Platform with 200-Node E-LTU JG748AAE HP IMC Enterprise Software Platform with 50-node E-LTU JD126A HP A-IMC Enterprise Software Platform with 200-node License JD808A HP A-IMC Enterprise Software Platform with 200-node License JD814A HP A-IMC Enterprise Edition Software DVD Media JF378A HP IMC Enterprise Edition Software Platform with 200-node License JG546AAE HP IMC Basic SW Platform w/50-node E-LTU JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU JG550AAE HP PMM to IMC Bsc WLM Upgr w/150 AP E-LTU JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU JG659AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU JG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU JG660AAE HP IMC Smart Connect w / WLAN Manager Virtual Appliance Edition E-LTU JG767AAE HP IMC Smart Connect with Wireless Service Manager Virtual Appliance Software E-LTU
HISTORY Version:1 (rev.1) - 20 June 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlOkrM4ACgkQ4B86/C0qfVn7/QCeK5T1H9dXfVQgIKSr5USqLmvq CtMAnjujH7e5aXfIOvxyyuB0FcSwIWCM =CEL7 -----END PGP SIGNATURE----- . OpenSSL is a 3rd party product that is embedded with some HP printer products. This bulletin notifies HP Printer customers about impacted products. To obtain the updated firmware, go to www.hp.com and follow these steps:
Select "Drivers & Software". Enter the appropriate product name listed in the table below into the search field. Click on "Search". Click on the appropriate product. Under "Select operating system" click on "Cross operating system (BIOS, Firmware, Diagnostics, etc.)" Note: If the "Cross operating system ..." link is not present, select applicable Windows operating system from the list. Select the appropriate firmware update under "Firmware".
Firmware Updates Table
Product Name Model Number Firmware Revision
HP Color LaserJet CM4540 MFP CC419A, CC420A, CC421A v 2302963_436067 (or higher)
HP Color LaserJet CP5525 CE707A,CE708A,CE709A v 2302963_436070 (or higher)
HP Color LaserJet Enterprise M750 D3L08A, D3L09A, D3L10A v 2302963_436077 (or higher)
HP Color LaserJet M651 CZ255A, CZ256A, CZ257A, CZ258A v 2302963_436073 (or higher)
HP Color LaserJet M680 CZ248A, CZ249A v 2302963_436072 (or higher)
HP Color LaserJet Flow M680 CZ250A, CA251A v 2302963_436072 (or higher)
HP LaserJet Enterprise 500 color MFP M575dn CD644A, CD645A v 2302963_436081 (or higher)
HP LaserJet Enterprise 500 MFP M525f CF116A, CF117A v 2302963_436069 (or higher)
HP LaserJet Enterprise 600 M601 Series CE989A, CE990A v 2302963_436082 (or higher)
HP LaserJet Enterprise 600 M602 Series CE991A, CE992A, CE993A v 2302963_436082 (or higher)
HP LaserJet Enterprise 600 M603 Series CE994A, CE995A, CE996A v 2302963_436082 (or higher)
HP LaserJet Enterprise MFP M630 series B3G84A, B3G85A, B3G86A, J7X28A v 2303714_233000041 (or higher)
HP LaserJet Enterprise 700 color M775 series CC522A, CC523A, CC524A, CF304A v 2302963_436079 (or higher)
HP LaserJet Enterprise 700 M712 series CF235A, CF236A, CF238A v 2302963_436080 (or higher)
HP LaserJet Enterprise 800 color M855 A2W77A, A2W78A, A2W79A v 2302963_436076 (or higher)
HP LaserJet Enterprise 800 color MFP M880 A2W76A, A2W75A, D7P70A, D7P71A v 2302963_436068 (or higher)
HP LaserJet Enterprise Color 500 M551 Series CF081A,CF082A,CF083A v 2302963_436083 (or higher)
HP LaserJet Enterprise color flow MFP M575c CD646A v 2302963_436081 (or higher)
HP LaserJet Enterprise flow M830z MFP CF367A v 2302963_436071 (or higher)
HP LaserJet Enterprise flow MFP M525c CF118A v 2302963_436069 (or higher)
HP LaserJet Enterprise M4555 MFP CE502A,CE503A, CE504A, CE738A v 2302963_436064 (or higher)
HP LaserJet Enterprise M806 CZ244A, CZ245A v 2302963_436075 (or higher)
HP LaserJet Enterprise MFP M725 CF066A, CF067A, CF068A, CF069A v 2302963_436078 (or higher)
HP Scanjet Enterprise 8500 Document Capture Workstation L2717A, L2719A v 2302963_436065 (or higher)
OfficeJet Enterprise Color MFP X585 B5L04A, B5L05A,B5L07A v 2302963_436066 (or higher)
OfficeJet Enterprise Color X555 C2S11A, C2S12A v 2302963_436074 (or higher)
HP Color LaserJet CP3525 CC468A, CC469A, CC470A, CC471A v 06.183.1 (or higher)
HP LaserJet M4345 Multifunction Printer CB425A, CB426A, CB427A, CB428A v 48.306.1 (or higher)
HP LaserJet M5025 Multifunction Printer Q7840A v 48.306.1 (or higher)
HP Color LaserJet CM6040 Multifunction Printer Q3938A, Q3939A v 52.256.1 (or higher)
HP Color LaserJet Enterprise CP4525 CC493A, CC494A, CC495A v 07.164.1 (or higher)
HP Color LaserJet Enterprise CP4025 CC489A, CC490A v 07.164.1 (or higher)
HP LaserJet M5035 Multifunction Printer Q7829A, Q7830A, Q7831A v 48.306.1 (or higher)
HP LaserJet M9050 Multifunction Printer CC395A v 51.256.1 (or higher)
HP LaserJet M9040 Multifunction Printer CC394A v 51.256.1 (or higher)
HP Color LaserJet CM4730 Multifunction Printer CB480A, CB481A, CB482A, CB483A v 50.286.1 (or higher)
HP LaserJet M3035 Multifunction Printer CB414A, CB415A, CC476A, CC477A v 48.306.1 (or higher)
HP 9250c Digital Sender CB472A v 48.293.1 (or higher)
HP LaserJet Enterprise P3015 CE525A,CE526A,CE527A,CE528A,CE595A v 07.186.1 (or higher)
HP LaserJet M3027 Multifunction Printer CB416A, CC479A v 48.306.1 (or higher)
HP LaserJet CM3530 Multifunction Printer CC519A, CC520A v 53.236.1 (or higher)
HP Color LaserJet CP6015 Q3931A, Q3932A, Q3933A, Q3934A, Q3935A v 04.203.1 (or higher)
HP LaserJet P4515 CB514A,CB515A, CB516A, CB517A v 04.213.1 (or higher)
HP Color LaserJet CM6030 Multifunction Printer CE664A, CE665A v 52.256.1 (or higher)
HP LaserJet P4015 CB509A, CB526A, CB511A, CB510A v 04.213.1 (or higher)
HP LaserJet P4014 CB507A, CB506A, CB512A v 04.213.1 (or higher)
HISTORY Version:1 (rev.1) - 22 September 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0445",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "6.2.3"
},
{
"model": "jboss enterprise web server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "2.0.1"
},
{
"model": "jboss enterprise web platform",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "5.2.0"
},
{
"model": "power",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "7200"
},
{
"model": "powerlinux 7r2",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "rox",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.16.1"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "application processing engine",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.2"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.4.2"
},
{
"model": "s7-1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.2.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.29"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "2.7.8"
},
{
"model": "server",
"scope": "lt",
"trust": 1.0,
"vendor": "filezilla",
"version": "0.9.45"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.4.0"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4"
},
{
"model": "cp1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "2.7.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7100"
},
{
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7400"
},
{
"model": "powerlinux 7r1",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "0"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"model": "power express",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "junos 11.4r9",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7700"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.0"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5700"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7800"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7300"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7500"
},
{
"model": "junos 10.4s15",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r15",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "junos 13.3r1",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4s",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.4x27"
},
{
"model": "junos 11.4r8",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r16",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.110.6"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "power ps702",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.30"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.117"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.112"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.46"
},
{
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.1"
},
{
"model": "oncommand performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.10"
},
{
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.155"
},
{
"model": "laserjet pro color printer m251n/nw cf147a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "horizon view feature pack",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.2"
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "fortimanager",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "laserjet p2055 printer series ce460a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.35"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datafort e-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571471.43"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "junos 11.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.4"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6.10"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos space ja1500 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571431.43"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "laserjet printer series q7543a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"model": "laserjet enterprise flow mfp m525c cf118a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.20"
},
{
"model": "fortios b0537",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.06"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "laserjet enterprise m806 cz244a 2302963 436075",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.3"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet enterprise color m775 series cf304a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "fortirecorder",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.2"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.00"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.3.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.32"
},
{
"model": "laserjet enterprise mfp m525f cf117a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "laserjet enterprise color m775 series cc522a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "secure analytics 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise color mfp m880 d7p70a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.6"
},
{
"model": "laserjet pro color mfp m276n/nw cf145a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.1.100.3"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "laserjet m9050 multifunction printer cc395a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310025820"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"model": "junos 13.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "integrity superdome and hp converged system for sap hana",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x9005.50.12"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.3"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.8"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "sdn for virtual environments",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7400"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.38"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "snapprotect",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos r8-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.34"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "color laserjet enterprise cp4525 cc495a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.49"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.342"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "oneview",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.10"
},
{
"model": "laserjet enterprise mfp m725 cf069a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.53"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.48"
},
{
"model": "nvp",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.2.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.1"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tekelec hlr router",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "open systems snapvault agent",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "laserjet p4515 cb515a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "laserjet pro mfp m425dn/dw cf286a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020140919"
},
{
"model": "laserjet enterprise m712 series cf236a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.49"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "idol speech software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.5.0.16091"
},
{
"model": "laserjet enterprise color m551 series cf082a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.124"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.32"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.14"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "laserjet enterprise mfp m725 cf066a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "wx5002/5004 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "netscaler 9.3.e",
"scope": null,
"trust": 0.3,
"vendor": "citrix",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.71"
},
{
"model": "laserjet m9040 multifunction printer cc394a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51.256.1"
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.46"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos space 13.3r1.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.4"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise communications broker pcz2.0.0m4p5",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.1"
},
{
"model": "aura application server sip core pb23",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "vsr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.33"
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.130.14"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.14"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.16"
},
{
"model": "junos r4-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.128.3"
},
{
"model": "virtuozzo containers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.6"
},
{
"model": "laserjet p4015 cb526a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet enterprise mfp m630 series j7x28a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "laserjet p3005 printer series q7813a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.4"
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.24"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.37"
},
{
"model": "10.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "710/7300"
},
{
"model": "vdi-in-a-box",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.8"
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.08"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "0"
},
{
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.52"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.110"
},
{
"model": "network connect 8.0r3.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system chassis management module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.8"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"model": "p2000 g3 msa array system ts251p006",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "laserjet printer series q5404a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.5"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "flex system p270",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.04"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.10"
},
{
"model": "laserjet p4015 cb509a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.2"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "endeca information discovery studio",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.18"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.3"
},
{
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.5"
},
{
"model": "laserjet m5035 multifunction printer q7829a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.38"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2.3"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "laserjet enterprise m602 series ce992a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "fortiwifi",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "laserjet enterprise m712 series cf238a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.4"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087220"
},
{
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "content analysis system software",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.5.5"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.14"
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.7"
},
{
"model": "(comware family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v7)0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.11"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.50"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v5000-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.72"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "strm 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "financial services lending and leasing",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "14.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8546"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.55"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "9.0.3"
},
{
"model": "sbr global enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "color laserjet printer series q7533a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.19"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "power ps700",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.7"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "laserjet enterprise m712 series cf235a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "color laserjet cp5525 ce708a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura application server sip core pb28",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.2"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.48"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.5.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.41"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.63"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.9"
},
{
"model": "secure analytics 2014.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4540 mfp cc421a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.6"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.24"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "p2000 g3 msa array system ts251p005",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "idol software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.8"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "key",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.14"
},
{
"model": "laserjet p4515 cb515a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "worklight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "laserjet enterprise color m775 series cc523a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.01"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1"
},
{
"model": "power 780",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056340"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.53"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "junos 12.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.7"
},
{
"model": "u200s and cs family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "security threat response manager 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.71"
},
{
"model": "pulse desktop 5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.2"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.7"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "winscp",
"scope": "ne",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.4"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.04"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.02"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cc476a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3"
},
{
"model": "color laserjet m651 cz258a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.4.1"
},
{
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "junos 12.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "message networking sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "officejet enterprise color mfp b5l05a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "color laserjet cm4540 mfp cc420a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "dgs-1210-52",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.025"
},
{
"model": "ngfw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.57"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "msr9xx russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.14"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.3"
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.1"
},
{
"model": "ive os 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"model": "laserjet enterprise m806 cz244a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "usage meter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.73"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.4.2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.3"
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.56"
},
{
"model": "horizon mirage edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.4.2"
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "virtuozzo containers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4730 multifunction printer cb480a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.54"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet enterprise p3015 ce527a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.8"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.014"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.154"
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.4"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "laserjet pro color mfp m276n/nw cf144a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"model": "color laserjet cm4730 multifunction printer cb481a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "email appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.7.0.0"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.43"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.13"
},
{
"model": "junos 12.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.4"
},
{
"model": "network connect 7.4r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msa storage gl200r007",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1040"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.4"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.10"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "rox",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16.1"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4014 cb506a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "system x3500m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73801.42"
},
{
"model": "licensing",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325025830"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.53"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "idol image server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2.1-x"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "laserjet enterprise color m551 series cf081a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.0"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.2"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet enterprise color m855 a2w78a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.2"
},
{
"model": "color laserjet printer series q5984a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "simatic cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1"
},
{
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056330"
},
{
"model": "color laserjet cp5525 ce707a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73231.42"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3-66.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.23"
},
{
"model": "laserjet p4014 cb507a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "bladecenter js43 with feature code",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x8446)0"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.18"
},
{
"model": "junos space 11.4r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system storage ts2900 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0026"
},
{
"model": "junos 12.1r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x2-22.0.6.2.0"
},
{
"model": "color laserjet m680 cz248a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "bbm for android",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.46"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"model": "color laserjet enterprise cp4025 cc489a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "laserjet m3027 multifunction printer cb416a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "laserjet pro mfp m425dn/dw cf288a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020140919"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "junos 12.1r5-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363071580"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.29"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.30"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.1"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.1"
},
{
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vsphere storage appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "elan",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "8.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.15"
},
{
"model": "tivoli storage productivity center fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0"
},
{
"model": "laserjet m5035 multifunction printer q7831a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "2.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "msr2000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "color laserjet printer series cb433a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "laserjet enterprise m712 series cf236a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "communicator for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "color laserjet printer series q7535a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "8.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.7"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "bladecenter js12 express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-60x)0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.12"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "laserjet multifunction printer series q3943a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4015 cb526a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "cms r16 r6",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73271.42"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.52"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3.2.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.12"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.0"
},
{
"model": "color laserjet cp3505 printer series ce491a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "laserjet m5035 multifunction printer q7830a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4.0.15779"
},
{
"model": "color laserjet cp3525 cc468a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura application server sip core pb5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "host agent for oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.0.12141"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.159"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.24"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.93"
},
{
"model": "color laserjet printer series q7495a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "a6600 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.817"
},
{
"model": "laserjet enterprise m602 series ce991a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "f5000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "color laserjet cm6030 multifunction printer ce664a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "color laserjet enterprise cp4025 cc489a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "network connect 7.4r9.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "color laserjet cp3525 cc471a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "laserjet enterprise flow mfp m525c cf118a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "laserjet enterprise color flow mfp m575c cd646a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cb415a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "junos 10.4s13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.7"
},
{
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.44"
},
{
"model": "color laserjet cp5525 ce708a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "pk family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "3par service processor sp-4.2.0.ga-29.p002",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.10"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m602 series ce993a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.126"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "laserjet m4345 multifunction printer cb427a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "laserjet p4515 cb517a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "color laserjet cp5525 ce709a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m5025 multifunction printer q7840a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.20"
},
{
"model": "color laserjet flow m680 cz250a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 11.4r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.2"
},
{
"model": "color laserjet cp3505 printer series cb444a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.3"
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.10"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "color laserjet printer series cb432a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "horizon view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"model": "color laserjet multifunction printer series q7519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.1.20"
},
{
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "malware analysis appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.31"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.00"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.6.2"
},
{
"model": "junos os 12.1x47-d15",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "junos 13.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vfabric application director",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.10"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.2"
},
{
"model": "cloud service automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.00"
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cluster network/management switches",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "vma san gateway g5.5.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "flex system p260 compute node /fc efd9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "system storage ts2900 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0025"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"model": "color laserjet cm6040 multifunction printer q3938a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "fortianalyzer",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2"
},
{
"model": "color laserjet m651 cz258a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5950"
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.4"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.7"
},
{
"model": "secblade fw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.42"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "bbm for iphone",
"scope": "ne",
"trust": 0.3,
"vendor": "rim",
"version": "2.2.1.24"
},
{
"model": "vsphere sdk for perl",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "laserjet enterprise color mfp m880 a2w76a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.1"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.7"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.125"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"model": "laserjet enterprise p3015 ce528a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "idol speech software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "color laserjet enterprise cp4525 cc494a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.7"
},
{
"model": "vcenter operations manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.8.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.30"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.51"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364160"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7080"
},
{
"model": "dgs-1500-52",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "junos 11.4r6-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet m9040 multifunction printer cc394a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "color laserjet cp3525 cc470a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.122"
},
{
"model": "laserjet pro color printer m251n/nw cf146a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "laserjet printer series q5401a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.47"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "power ps703 blade",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7891-73x)0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.3.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.36"
},
{
"model": "system storage ts3400 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0039"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.6"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.3.4"
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.2"
},
{
"model": "freedome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "fortios b0630",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.00"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.60"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.1.0"
},
{
"model": "oncommand unified manager host package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.14"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.1"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "flex system p270 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.52"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf285a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "crossbow",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "system x3650m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79471.42"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.0"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73281.42"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.16"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.39"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "color laserjet cm6040 multifunction printer q3939a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.76"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet m3027 multifunction printer cc479a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "laserjet multifunction printer series q3942a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "crossbow",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.2.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "junos 10.4s14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.25"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "laserjet m4345 multifunction printer cb428a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c4.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "color laserjet m651 cz255a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.16"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.11"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "storeever msl6480 tape library",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.40"
},
{
"model": "msr3000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"model": "color laserjet enterprise m750 d3l09a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space 13.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.013"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "laserjet enterprise color m855 a2w79a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.67"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "operations automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "5.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.20"
},
{
"model": "4800g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "flex system p460",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.7"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.4"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.00"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.31"
},
{
"model": "laserjet enterprise m4555 mfp ce503a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.11"
},
{
"model": "sylpheed",
"scope": "ne",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.4.2"
},
{
"model": "host checker",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "junos space ja2500 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "laserjet m5035 multifunction printer q7831a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.10"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "receiver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.12"
},
{
"model": "secure work space",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.2"
},
{
"model": "color laserjet cm4730 multifunction printer cb482a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.37"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"model": "collaboration services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.49"
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.6"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.13"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idol software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "9.0.3"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.02"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.169"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.4"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.26"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "laserjet printer series q5409a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "laserjet enterprise mfp m630 series b3g85a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.2"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.0"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "color laserjet multifunction printer series cb483a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dgs-1500-28p",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 11.4r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.1"
},
{
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.1"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.1"
},
{
"model": "laserjet multifunction printer series q3728a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.290.2"
},
{
"model": "junos space 12.3r2.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79451.42"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.36"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.9"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "vcloud networking and security",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.2"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "vsphere support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"model": "laserjet m4345 multifunction printer cb426a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.34"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.19"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.65"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.1"
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.7.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.16"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.011"
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.29"
},
{
"model": "storeever msl6480 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos os 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2"
},
{
"model": "3par service processor sp-4.3.0.ga-17.p001",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "laserjet printer series q5407a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "laserjet enterprise color mfp m880 a2w76a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "laserjet enterprise color m775 series cc524a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "laserjet p4515 cb515a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "junos 11.4r10-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.45"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.41"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.116"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.73"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.67"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.015"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.09"
},
{
"model": "sbr carrier 8.0.0-r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.1"
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf399a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "color laserjet cp3525 cc469a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise color m775 series cc522a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.614"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "asset manager 9.41.p1",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "cloudsystem enterprise software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0.2"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.6"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.57"
},
{
"model": "msr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.88"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.3"
},
{
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "utm manager",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.51"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.9"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3"
},
{
"model": "cloud server",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.16"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "system x3630m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73771.42"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.22"
},
{
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.1"
},
{
"model": "enterprise linux long life 5.9.server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "powerlinux 7r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "vcenter chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1.0.18193"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73211.42"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2"
},
{
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.123"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "jetdirect ew2500 802.11b/g wireless print server j8021a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.53"
},
{
"model": "color laserjet cm4730 multifunction printer cb483a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1"
},
{
"model": "junos r2-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.12"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7900.00"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.50"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.1"
},
{
"model": "client connector",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.91"
},
{
"model": "laserjet enterprise m4555 mfp ce738a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4730 multifunction printer cb480a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4"
},
{
"model": "communicator for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "lifetime key management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.20"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.12"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "color laserjet cm4730 multifunction printer cb481a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf270a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet enterprise color m855 a2w78a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.15"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "strm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.26"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "infosphere balanced warehouse d5100",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "laserjet enterprise color m775 series cc523a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "laserjet p4014 cb507a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.0"
},
{
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.047.8"
},
{
"model": "enterprise linux server eus 6.4.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.11"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "laserjet enterprise color m551 series cf083a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.2"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet p2055 printer series ce456a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"model": "9250c digital sender cb472a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "netiq admininstration console server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1.131"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"model": "sparc m10-4",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "junos 13.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "3.5"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7100"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet enterprise color m855 a2w79a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0-76.7"
},
{
"model": "bbm for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.4"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8721"
},
{
"model": "color laserjet m651 cz257a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"model": "laserjet enterprise m4555 mfp ce502a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "ive os 8.0r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system storage ts2900 tape librray",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "0033"
},
{
"model": "laserjet enterprise m4555 mfp ce504a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.9"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0-77.5"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "laserjet p3005 printer series q7816a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.6"
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet p4515 cb516a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.172"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "aura application server sip core pb19",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "bladecenter js22",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-61x)0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.15"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.65"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.41"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.6"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c5.0",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "strm/jsa",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "z/tpf",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.10"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.40"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "laserjet enterprise color mfp m880 d7p70a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "laserjet p4515 cb514a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.55"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78361.42"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "fortirecorder",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.5"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos insight standalone fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "bladecenter js23",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.5"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.0"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "msa storage gl200r007",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2040"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "command view server based management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.3.2"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "laserjet printer series q7697a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.161"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.6"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.5"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9500e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m712 series cf235a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "fortisandbox build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.3.086"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.4"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.94"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0.31"
},
{
"model": "dgs-1210-28p",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.043"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.75"
},
{
"model": "color laserjet m680 cz248a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.91"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x330073820"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3-64.4"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.19"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "enterprise linux server eus 6.3.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0"
},
{
"model": "junos 10.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.10.140.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.32"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.5"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "laserjet p3005 printer series q7814a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"model": "ive os 7.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.21"
},
{
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "laserjet enterprise m4555 mfp ce503a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "msr9xx family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.1"
},
{
"model": "nsx for multi-hypervisor",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1.2"
},
{
"model": "laserjet printer series q7698a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.63"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos os 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "scale out network attached storage",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.3"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.4"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087330"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.20"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet enterprise cp4525 cc493a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.22"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.2"
},
{
"model": "websphere datapower b2b appliance xb62",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "laserjet multifunction printer series q3726a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.290.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.82"
},
{
"model": "color laserjet cp4005 printer series cb504a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "46.230.6"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0.74.4"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos space 12.3p2.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.85"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.60"
},
{
"model": "pulse desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "rational insight ifix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "laserjet m4345 multifunction printer cb425a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "laserjet enterprise m602 series ce991a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "malware analysis appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.2"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.126.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "color laserjet flow m680 ca251a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.4"
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.9"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "2.0"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"model": "bbm for android",
"scope": "ne",
"trust": 0.3,
"vendor": "rim",
"version": "2.2.1.40"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "virtual automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.68"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "color laserjet enterprise cp4025 cc490a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.34"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.50"
},
{
"model": "color laserjet multifunction printer series cb481a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "laserjet printer series q7545a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "junos 13.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2143"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet printer series q5406a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "forticlient build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0591"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.34"
},
{
"model": "studio",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.60"
},
{
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "laserjet enterprise mfp m525f cf116a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "color laserjet cp3525 cc468a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.10"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "ssl visibility",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.62"
},
{
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.3"
},
{
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "one-x mobile ces for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos os 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"model": "security analytics platform",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1.3"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 11.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.20"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "system x3500m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78391.42"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "9.2"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet cp5525 ce707a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux els",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3500-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.26"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "11.00"
},
{
"model": "color laserjet cm6030 multifunction printer ce664a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "9.20"
},
{
"model": "color laserjet cp3525 cc471a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.155"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space r1.8",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.4"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.11"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.70"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "8.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087180"
},
{
"model": "laserjet enterprise p3015 ce526a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.50"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.14"
},
{
"model": "junos 12.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.4"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.170"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3700-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.92"
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "88704.76.0"
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "5.0"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.21"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.85"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0"
},
{
"model": "color laserjet multifunction printer series cb480a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "vm virtualbox 4.2.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "color laserjet cm4540 mfp cc421a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.50"
},
{
"model": "color laserjet multifunction printer series cb482a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "laserjet multifunction printer series q3944a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.51"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.8"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "junos 10.4r14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"model": "laserjet printer series q5403a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.56"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.343"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "color laserjet printer series q5982a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.4"
},
{
"model": "junos pulse 4.0r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.12"
},
{
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "junos -d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "p2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.28"
},
{
"model": "junos space 13.1r1.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.1"
},
{
"model": "junos 10.0s25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73251.42"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.13"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.52"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.3"
},
{
"model": "color laserjet cm6040 multifunction printer q3939a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.18"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.28"
},
{
"model": "junos 10.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "vsphere storage appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.3"
},
{
"model": "laserjet p4015 cb511a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.1"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.36"
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.29"
},
{
"model": "datafort s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "core",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "management center",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2.1.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf274a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "msr20-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.77"
},
{
"model": "8.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.17"
},
{
"model": "one-x mobile ces for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.4"
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54541.42"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.7"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"model": "cognos insight standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"model": "junos 11.4r5-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 8.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.36"
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0"
},
{
"model": "fortiweb",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.1"
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.114"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.106"
},
{
"model": "lifetime key management software",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "vcenter converter standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "color laserjet cm4730 multifunction printer cb482a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.22"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "horizon workspace server gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.89"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.07"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.56"
},
{
"model": "laserjet multifunction printer series q3945a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.15"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.5"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.21"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.14"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.4"
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.21"
},
{
"model": "netiq identity server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "color laserjet enterprise cp4525 cc495a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.80"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.2"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.107"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "laserjet enterprise mfp m630 series b3g84a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.4"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "color laserjet enterprise m750 d3l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.27"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.170"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "horizon workspace client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.20"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "laserjet m3035 multifunction printer cc476a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "laserjet enterprise flow m830z mfp cf367a 2302963 436071",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5750"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "config advisor",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "color laserjet cm4540 mfp cc420a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "color laserjet enterprise cp4525 cc494a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "laserjet enterprise mfp m725 cf067a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "color laserjet printer series q7492a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.9"
},
{
"model": "eucalyptus",
"scope": "eq",
"trust": 0.3,
"vendor": "eucalyptus",
"version": "4.0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet m680 cz249a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cc477a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.1.0"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "fortimanager",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "forticlient",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.22"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.0"
},
{
"model": "websphere datapower low latency appliance xm70",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.15"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos insight standalone fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "oncommand balance",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "f1000a and s family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"model": "u200a and m family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.57"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"model": "officejet enterprise color c2s12a 2302963 436074",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x555"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70000"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.11"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.66"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "color laserjet cm4540 mfp cc419a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.31"
},
{
"model": "vcenter converter standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "infosphere master data management patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "hsr6602 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.44"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "one-x mobile for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.50"
},
{
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.14"
},
{
"model": "laserjet m4345 multifunction printer cb425a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.6"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.07"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "junos space 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.44"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.22"
},
{
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "color laserjet m651 cz255a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "scanjet enterprise document capture workstation l2717a 2302963 436065",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8500"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"model": "laserjet p4015 cb510a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.99"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.168"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "cloudsystem foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0.2"
},
{
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 13.3r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.41"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6.2"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "elan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "8.3.3"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.1"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.3"
},
{
"model": "laserjet enterprise color mfp m575dn cd645a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42511.42"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "laserjet enterprise m806 cz245a 2302963 436075",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.4"
},
{
"model": "suse core for",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9x86"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "horizon workspace server data",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.81"
},
{
"model": "storage encryption",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.4"
},
{
"model": "laserjet m3027 multifunction printer cb416a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.108"
},
{
"model": "xenclient enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "laserjet enterprise mfp m630 series b3g84a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "netscaler ipmi/lom interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "msr20 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "85704.76.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.9"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet m680 cz249a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.62"
},
{
"model": "servicecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.30"
},
{
"model": "sparc m10-4s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "fortiauthenticator build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.1.060"
},
{
"model": "laserjet enterprise m601 series ce990a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "vcenter support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.14"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"model": "sbr carrier 7.6.0-r10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.56"
},
{
"model": "hsr6800 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet printer series q7552a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "scanjet enterprise document capture workstation l2717a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "85000"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.39"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.0"
},
{
"model": "bladecenter js23/js43",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.2"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "laserjet printer series q3721a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "flex system fabric en4093 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.5"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "safe profile",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.79"
},
{
"model": "junos 13.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "laserjet m5035 multifunction printer q7830a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "jetdirect 640n eio card j8025a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "45.35"
},
{
"model": "junos 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.2"
},
{
"model": "vdi-in-a-box",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.4"
},
{
"model": "itbm standard",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.00"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "color laserjet cp3525 cc469a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.11"
},
{
"model": "fortivoiceos build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.3165"
},
{
"model": "laserjet enterprise color m551 series cf082a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "secure analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.4"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.17"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "laserjet printer series q3722a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.00"
},
{
"model": "junos pulse 5.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.14"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.22"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "enterprise linux eus 5.9.z server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.7.3"
},
{
"model": "laserjet p4515 cb516a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.3"
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datafort management console",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.05"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"model": "f1000e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.113"
},
{
"model": "laserjet enterprise m601 series ce989a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"model": "junos 11.4r6.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.40"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "color laserjet cm4540 mfp cc419a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.3"
},
{
"model": "vsphere replication",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr93x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"model": "big data extensions",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos space 12.3r1.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "junos 11.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "laserjet m5025 multifunction printer q7840a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "virtuozzo containers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.7"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"model": "junos 12.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise m603 series ce994a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "vsphere support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.37"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "laserjet enterprise m806 cz245a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "color laserjet printer series q7493a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "msr50 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.61"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.41"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 10.0s28",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "color laserjet enterprise cp4525 cc493a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.4.2"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.40"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.07"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1183.0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "ssl visibility",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.7"
},
{
"model": "fortigate build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.18"
},
{
"model": "junos os 12.3r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "horizon workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "websphere datapower b2b appliance xb62",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.10"
},
{
"model": "color laserjet cm6030 multifunction printer ce665a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.79"
},
{
"model": "manageability sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.13"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fortiwifi",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.12"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"model": "junos 5.0r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.33"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.9"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.4"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.3"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "vsphere replication",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.02"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.3"
},
{
"model": "uacos c5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise p3015 ce525a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.6"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.152"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"model": "laserjet p2055 printer series ce459a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "color laserjet cm4730 multifunction printer cb483a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.3"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.196.4"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.203"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "dgs-1210-28",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.012"
},
{
"model": "ssl vpn 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.20"
},
{
"model": "laserjet enterprise m601 series ce989a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3.0.13725"
},
{
"model": "infosphere master data management server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.152"
},
{
"model": "color laserjet printer series q7534a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "horizon workspace client for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.51"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "netiq access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7893"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "watson explorer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.4"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "netiq access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.2"
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "command view for tape libraries",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise color mfp m575dn cd645a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "junos 12.1x45-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.4"
},
{
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.0"
},
{
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortiwifi build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "laserjet enterprise color m855 a2w77a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.01"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloudsystem chargeback",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0"
},
{
"model": "aura application server sip core pb3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.3"
},
{
"model": "netiq access gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.2"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "security threat response manager 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "laserjet m3027 multifunction printer cc479a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0"
},
{
"model": "enterprise linux long life server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.6"
},
{
"model": "laserjet enterprise mfp m525f cf117a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.134.14"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "junos 11.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.2"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.7"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "storage management initiative specification providers fo",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.15"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.79"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.04"
},
{
"model": "junos 11.4r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.74"
},
{
"model": "laserjet enterprise p3015 ce595a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet p4515 cb514a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.03"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "sterling connect:direct",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.070.5"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.1.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.11"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "junos 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.2.4"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.55"
},
{
"model": "officejet enterprise color c2s11a 2302963 436074",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x555"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.9.0.0"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.12"
},
{
"model": "msr30-16 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "imc ead",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "laserjet m5035 multifunction printer q7829a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "mysql",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "laserjet p4015 cb509a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x353071600"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "laserjet m3035 multifunction printer cb414a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.25"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.43"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet cp5525 ce709a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "horizon workspace client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.52"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos 11.4r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "laserjet enterprise color mfp m880 a2w75a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "system storage ts3400 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0040"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087520"
},
{
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "scanjet enterprise document capture workstation l2719a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "85000"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7.3"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.5"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.015"
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vma san gateway g5.5.1.3",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4.0.14619"
},
{
"model": "one-x mobile lite for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.173"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "system dx360m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "63911.42"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling connect:direct",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.4"
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fortianalyzer",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.45"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.1"
},
{
"model": "laserjet p3005 printer series q7815a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "datafort fc-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"model": "vcac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7200"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet printer series q5408a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "aura application server sip core pb25",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.8"
},
{
"model": "junos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "laserjet enterprise m603 series ce995a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.118"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.88"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.3"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.95"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "nsx for multi-hypervisor",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0.3"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079140"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.3"
},
{
"model": "utm",
"scope": "ne",
"trust": 0.3,
"vendor": "sophos",
"version": "9.203"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.1.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "laserjet enterprise mfp m725 cf069a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.10"
},
{
"model": "laserjet printer series q7784a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42408.250.2"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"model": "project metasploit framework",
"scope": "ne",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.3"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.86"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.12"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.3"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.2"
},
{
"model": "cloudsystem enterprise software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "junos r12",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "websphere datapower low latency appliance xm70",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.4"
},
{
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "laserjet enterprise mfp m725 cf068a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.59"
},
{
"model": "laserjet enterprise mfp m725 cf068a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.3"
},
{
"model": "laserjet enterprise color mfp m575dn cd644a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "junos os 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "color laserjet cp3505 printer series cb442a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.2"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.32"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.42"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "laserjet printer series q5400a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.1"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087220"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3"
},
{
"model": "laserjet printer series q7546a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "command view for tape libraries",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.8"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet printer series q7547a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.01"
},
{
"model": "rox",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "22.6"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "power ps701",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "color laserjet m651 cz256a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.012"
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.8"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.3"
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise mfp m725 cf066a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "laserjet enterprise mfp m630 series b3g85a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.1"
},
{
"model": "aura messaging sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.3"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "3.4"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "laserjet enterprise color m775 series cf304a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.119"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet printer series q5402a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "msr30-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "vcloud networking and security",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.2"
},
{
"model": "color laserjet printer series q7491a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.5"
},
{
"model": "laserjet m3035 multifunction printer cb414a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "operations automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "5.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.5"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.9"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.1"
},
{
"model": "one-x mobile lite for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.2"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "laserjet enterprise color mfp m575dn cd644a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.0.12875"
},
{
"model": "power system s822",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "network connect 8.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-21"
},
{
"model": "junos pulse for android",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.22"
},
{
"model": "system x3550m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79441.42"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.2.2"
},
{
"model": "vfabric application director",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.2"
},
{
"model": "color laserjet printer series q5981a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "enterprise virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "junos 11.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.2.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2.6"
},
{
"model": "junos 10.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "proxysg sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.4.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.8"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cz195a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "integrity sd2 cb900s i2 and i4 server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.7.98"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.010"
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.4"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.37"
},
{
"model": "pulse desktop 4.0r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4015 cb510a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.8"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4"
},
{
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "ive os 7.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.00"
},
{
"model": "utm manager",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.29"
},
{
"model": "laserjet printer series q7699a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.5"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.23"
},
{
"model": "m220 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.03"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.2"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "unified agent",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"model": "jetdirect 695n eio card j8024a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "laserjet printer series q5410a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data recovery",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.9.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.0"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073830"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.21"
},
{
"model": "cms r16",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet m651 cz256a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.121"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.1"
},
{
"model": "color laserjet printer series q7494a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"model": "secure analytics 2014.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "power ps704 blade",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7891-74x)0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.120"
},
{
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "laserjet enterprise mfp m725 cf067a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "laserjet enterprise p3015 ce525a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "nsx for vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.4"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.24"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7101"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.157.3"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "laserjet enterprise m4555 mfp ce738a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.48"
},
{
"model": "horizon workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet enterprise p3015 ce527a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "laserjet enterprise p3015 ce526a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "watson explorer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.4"
},
{
"model": "laserjet enterprise mfp m630 series b3g86a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "system storage ts3400 tape library",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "0042"
},
{
"model": "email security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.143"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "laserjet m3035 multifunction printer cb415a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "ive os 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr93x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.47"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.2"
},
{
"model": "color laserjet multifunction printer series q7520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "airwave",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.7.12"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "9250c digital sender cb472a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.293.1"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"model": "laserjet enterprise color mfp m880 d7p71a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.8"
},
{
"model": "netezza diagnostic tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0"
},
{
"model": "laserjet m4345 multifunction printer cb427a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.21"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.1.68.7"
},
{
"model": "elan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "8.2"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "laserjet enterprise color m855 a2w77a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.81"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2.15"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.2"
},
{
"model": "dgs-1500-28",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "3par service processor sp-4.2.0.ga-29.p003",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s7-1500",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "virtual tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.70"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "cloud service automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.01"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "color laserjet multifunction printer series q7518a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "laserjet printer series q7544a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet enterprise m4555 mfp ce502a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos space 13.1p1.14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dgs-1210-20",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.041"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m603 series ce996a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.9"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.53"
},
{
"model": "horizon workspace client for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "via for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "2.0.0"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "color laserjet printer series q5983a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "junos 11.4r9-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.6"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.05"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.19"
},
{
"model": "tivoli storage productivity center fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.14"
},
{
"model": "sterling connect:enterprise for unix ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.3"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7300"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "officejet enterprise color mfp b5l04a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.01"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.5"
},
{
"model": "via for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "2.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.17"
},
{
"model": "pulse desktop 5.0r3.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3.61.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.115"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.2"
},
{
"model": "junos 5.0r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jetdirect 620n eio card j7934g",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "29.26"
},
{
"model": "junos 10.0s18",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scanjet enterprise document capture workstation l2719a 2302963 436065",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8500"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.33"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.12"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.4"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.45"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.31"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8724"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.78"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "color laserjet flow m680 ca251a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x3-22.0.6.2.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.10"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 10.4r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.15"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "config manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.3"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.6"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "ssl vpn 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.4"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "laserjet m9050 multifunction printer cc395a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51.256.1"
},
{
"model": "ive os 7.4r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"model": "laserjet enterprise color m551 series cf081a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "msr30 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "color laserjet enterprise m750 d3l10a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "color laserjet cp3505 printer series cb443a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "laserjet enterprise m601 series ce990a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "proxysg sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2.15.6"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.54"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087330"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.30"
},
{
"model": "utm",
"scope": "ne",
"trust": 0.3,
"vendor": "sophos",
"version": "9.113"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.9"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "color laserjet printer series q7536a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.2.0"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jsa 2014.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.177"
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.35"
},
{
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.1"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571431.43"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.18"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"model": "laserjet enterprise color m775 series cc524a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.23"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.32"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "datafort common criteria fc-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos 11.4r7-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.20"
},
{
"model": "pulse desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.38"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "ovf tool",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5.1"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "message networking sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"model": "chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7.3"
},
{
"model": "laserjet enterprise flow m830z mfp cf367a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "officejet enterprise color mfp b5l07a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7500"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet m4345 multifunction printer cb428a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.8"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.3281"
},
{
"model": "color laserjet enterprise m750 d3l08a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf278a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.40"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.78"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.65"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.5"
},
{
"model": "vma",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.31"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.8"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1.6.3"
},
{
"model": "proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5.21"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.39"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.8"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "color laserjet enterprise m750 d3l09a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "web security",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.33"
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73781.42"
},
{
"model": "strm/jsa 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.171"
},
{
"model": "vcenter support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "laserjet p4015 cb511a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "msr50-g2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x4-22.0.6.2.0"
},
{
"model": "system x3550m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79461.42"
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.156"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.58"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0"
},
{
"model": "jetdirect 690n eio card j8007a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "flex system p24l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "ovf tool",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.17"
},
{
"model": "command view server based management",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.3.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.2.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.18"
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.30"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7.1"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.1"
},
{
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "color laserjet cm6030 multifunction printer ce665a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "vma san gateway g5.5.1.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "laserjet enterprise m603 series ce996a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos space 13.3r4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.4.4"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.1"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571481.43"
},
{
"model": "fortivoiceos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"model": "imc uam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.86"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.24"
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79491.42"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.213"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "intelligent management center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "laserjet enterprise m602 series ce993a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.02"
},
{
"model": "vsphere cli",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "junos 10.4r13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise p3015 ce528a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.54"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "22.5"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x2.0.10"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 13.1r4-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet enterprise m750 d3l08a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42521.42"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.32"
},
{
"model": "ape",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.43"
},
{
"model": "laserjet m4345 multifunction printer cb426a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "aura application server sip core pb26",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.99"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.3"
},
{
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.10"
},
{
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.0"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.28"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.178"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.76"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "horizon view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.4.6.1"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.21"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.8.11"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "color laserjet enterprise cp4025 cc490a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.131.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "laserjet printer series q3723a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.06"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "3par service processor sp-4.3.0.ga-17.p000",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.27"
},
{
"model": "sbr carrier 7.5.0-r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise m603 series ce994a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.19"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.21"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "laserjet enterprise m4555 mfp ce504a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 10.4r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.60"
},
{
"model": "digital sender 9200c q5916a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9.271.3"
},
{
"model": "laserjet m3035 multifunction printer cc477a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "system x3620m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73761.42"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "laserjet p3005 printer series q7812a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "laserjet enterprise color flow mfp m575c cd646a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.55"
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.90"
},
{
"model": "laserjet p4515 cb514a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.16"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.3"
},
{
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "msr4000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78371.42"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"model": "laserjet p4014 cb506a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "laserjet enterprise mfp m525f cf116a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "5.5.4"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "financial services lending and leasing",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "14.1"
},
{
"model": "flex system p24l compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "eucalyptus",
"scope": "eq",
"trust": 0.3,
"vendor": "eucalyptus",
"version": "3.4.2"
},
{
"model": "3par service processor sp-4.1.0.ga-97.p011",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.25"
},
{
"model": "3par service processor sp-4.1.0.ga-97.p010",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.20"
},
{
"model": "cloudsystem foundation",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.30"
},
{
"model": "jetdirect 635n eio card j7961g",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.84"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.3"
},
{
"model": "junos 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.36"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "color laserjet multifunction printer series q7517a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system p460",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos pulse for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.18"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.05"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "laserjet enterprise mfp m630 series b3g86a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.8"
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "color laserjet m651 cz257a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.21"
},
{
"model": "color laserjet cm6040 multifunction printer q3938a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "netiq sslvpn server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.45"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.77"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "color laserjet cp4005 printer series cb503a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "46.230.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.18"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.75"
},
{
"model": "sparc m10-1",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.5"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "laserjet enterprise m603 series ce995a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.44"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "laserjet enterprise mfp m630 series j7x28a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"model": "junos 11.4r3.7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.52"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "dgs-1500.20",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "laserjet enterprise m602 series ce992a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "laserjet p2055 printer series ce457a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.5"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "idol image server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.87"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.35"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087520"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.36"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.47"
},
{
"model": "itbm standard",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.1"
},
{
"model": "fortigate",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "color laserjet flow m680 cz250a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.6"
},
{
"model": "host checker",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-20"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.38"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3.1"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.6"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73791.42"
},
{
"model": "laserjet enterprise color m551 series cf083a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.35"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.97"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.34"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.22"
},
{
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.14"
},
{
"model": "laserjet enterprise color mfp m880 d7p71a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet cp3525 cc470a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.11"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "laserjet p4014 cb512a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.145"
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.3.0.1"
},
{
"model": "data ontap storage management initiative specification a",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"model": "aura application server sip core pb16",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "idp series 5.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2.1"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "5.5.5"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.1-122.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.5"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6170"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.4"
},
{
"model": "junos 10.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30"
},
{
"model": "vfabric web server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.4"
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.1"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "laserjet enterprise m712 series cf238a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "unified agent",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.35"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.05"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.7"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.33"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.5"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos space 13.3r1.9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet p4515 cb517a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.98"
},
{
"model": "laserjet enterprise color mfp m880 a2w75a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1"
},
{
"model": "horizon workspace server gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "laserjet enterprise p3015 ce595a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "67899"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0m",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1h",
"versionStartIncluding": "1.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.8za",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:filezilla-project:filezilla_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.45",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:application_processing_engine_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:application_processing_engine:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:cp1543-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.1.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:cp1543-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:s7-1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:s7-1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:rox_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.16.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:rox:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.4.2",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.7.8",
"versionStartIncluding": "2.7.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.10.29",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
}
],
"trust": 0.5
},
"cve": "CVE-2014-0224",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0224",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0224",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-080",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0224",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability. OpenSSL is prone to security-bypass vulnerability. \nSuccessfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks. \nVersions prior to OpenSSL 1.0.1 and 1.0.2-beta1 are vulnerable. \n\nHP Connect IT / HP SPM CIT - 9.5x\n Please install: HP Connect IT 9.53.P2\n\nFor Windows\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00070\n\nFor Linux\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00071\n\nFor AIX\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00072\n\nFor HPUX\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00073\n\nFor Solaris\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00074\n\nHP Connect IT / HP SPM CIT - 9.4x\n Please install: HP Connect IT 9.40.P1\n\nFor windows(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00075\n\nFor Linux(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00076\n\nFor AIX(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00077\n\nFor HPUX(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00078\n\nFor Solaris(en)\n http://support.openview.hp.com/selfsolve/document/LID/HPCIT_00079\n\nHP Connect IT / HP SPM AM 5.2x\n Please install: HP Connect IT 9.41.P1\n\nHISTORY\nVersion:1 (rev.1) - 19 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. ============================================================================\nUbuntu Security Notice USN-2232-3\nJune 23, 2014\n\nopenssl regression\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nUSN-2232-1 introduced a regression in OpenSSL. The upstream fix for\nCVE-2014-0224 caused a regression for certain applications that use\nrenegotiation, such as PostgreSQL. This update fixes the problem. \n\nOriginal advisory details:\n\n J=C3=BCri Aedla discovered that OpenSSL incorrectly handled invalid DTLS\n fragments. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and\n Ubuntu 14.04 LTS. (CVE-2014-0195)\n Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. A\n remote attacker could use this issue to cause OpenSSL to crash, resulting\n in a denial of service. (CVE-2014-0221)\n KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain\n handshakes. \n (CVE-2014-0224)\n Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled\n anonymous ECDH ciphersuites. A remote attacker could use this issue to\n cause OpenSSL to crash, resulting in a denial of service. This issue only\n affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. \n (CVE-2014-3470)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.4\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.6\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.16\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.19\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2232-3\n http://www.ubuntu.com/usn/usn-2232-1\n https://launchpad.net/bugs/1332643\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4\n https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6\n https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16\n https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201407-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: July 27, 2014\n Bugs: #512506\n ID: 201407-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, possibly allowing\nremote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.1h-r1 *\u003e= 0.9.8z_p5\n *\u003e= 0.9.8z_p4\n *\u003e= 0.9.8z_p1\n *\u003e= 0.9.8z_p3\n *\u003e= 0.9.8z_p2\n *\u003e= 1.0.0m\n \u003e= 1.0.1h-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1h-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-5298\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298\n[ 2 ] CVE-2014-0195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195\n[ 3 ] CVE-2014-0198\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198\n[ 4 ] CVE-2014-0221\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221\n[ 5 ] CVE-2014-0224\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224\n[ 6 ] CVE-2014-3470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470\n[ 7 ] OpenSSL Security Advisory [05 Jun 2014]\n http://www.openssl.org/news/secadv_20140605.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201407-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. The bulletin does not apply to any other 3rd party application\n(e.g. operating system, web server, or application server) that may be\nrequired to be installed by the customer according instructions in the\nproduct install guide. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04347622\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04347622\nVersion: 1\n\nHPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network\nProducts including H3C and 3COM Routers and Switches running OpenSSL, Remote\nDenial of Service (DoS), Code Execution, Unauthorized Access, Modification or\nDisclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-06-20\nLast Updated: 2014-06-20\n\nPotential Security Impact: Remote Denial of Service (DoS), code execution,\nunauthorized access, modification of information, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Intelligent\nManagement Center (iMC), HP Network Products including 3COM and H3C routers\nand switches running OpenSSL. The vulnerabilities could be exploited remotely\nto create a Denial of Service (DoS), execute code, allow unauthorized access,\nmodify or disclose information. \n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service (DoS) or Modification of Information\nCVE-2014-0198 Remote Unauthorized Access (only iMC impacted)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nSSRT101561\nNote: All products listed are impacted by CVE-2014-0224 . iMC is also\nimpacted by CVE-2014-0198 and CVE-2010-5298\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n section below for a list of impacted products. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nOn June 5th 2014, OpenSSL.org issued an advisory with several CVE\nvulnerabilities. HP Networking is working to release fixes for these\nvulnerabilities that impact the products in the table below. As fixed\nsoftware is made available, this security bulletin will be updated to show\nthe fixed versions. Until the software fixes are available, HP Networking is\nproviding the following information including possible workarounds to\nmitigate the risks of these vulnerabilities. \n\nDescription\n\nThe most serious issue reported is CVE-2014-0224 and it is the one discussed\nhere. To take advantage CVE-2014-0224, an attacker must:\n\nbe in between the OpenSSL client and OpenSSL server. \nbe capable of intercepting and modifying packets between the OpenSSL client\nand OpenSSL server in real time. \n\nWorkarounds\n\nHP Networking equipment is typically deployed inside firewalls and access to\nmanagement interfaces and other protocols is more tightly controlled than in\npublic environments. This deployment and security restrictions help to reduce\nthe possibility of an attacker being able to intercept both OpenSSL client\nand OpenSSL server traffic. \n\nFollowing the guidelines in the Hardening Comware-based devices can help to\nfurther reduce man-in-the-middle opportunities:\n\nhttp://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=c03536\n920\n\nFor an HP Networking device acting as an OpenSSL Server, using a patched\nOpenSSL client or non-OpenSSL client eliminates the risk. As an example, most\nmodern web browsers do not use the OpenSSL client and the sessions between\nthe HP Networking OpenSSL server and the non-OpenSSL client are not at risk\nfor this attack. For HP Networking Equipment that is using an OpenSSL client,\npatching the OpenSSL server will eliminate the risk of this attack. \n\nProtocol Notes\n\nThe following details the protocols that use OpenSSL in Comware v5 and\nComware v7:\n\nComware V7:\n\nServer:\n\nFIPS/HTTPS/Load Balancing/Session Initiation Protocol\n\nClient:\n\nLoad Balancing/OpenFlow/Session Initiation Protocol/State Machine Based\nAnti-Spoofing/Dynamic DNS\n\nComware V5:\n\nServer:\n\nCAPWAP/EAP/SSLVPN\n\nClient:\n\nDynamic DNS\n\nFamily\n Fixed Version\n HP Branded Products Impacted\n H3C Branded Products Impacted\n 3Com Branded Products Impacted\n\n12900 Switch Series\n Fix in progress\nuse mitigations\n JG619A HP FF 12910 Switch AC Chassis\nJG621A HP FF 12910 Main Processing Unit\nJG632A HP FF 12916 Switch AC Chassis\nJG634A HP FF 12916 Main Processing Unit\n\n12500\n Fix in progress\nuse mitigations\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJC808A HP 12500 TAA Main Processing Unit\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n12500 (Comware v7)\n Fix in progress\nuse mitigations\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJG497A HP 12500 MPU w/Comware V7 OS\nJG782A HP FF 12508E AC Switch Chassis\nJG783A HP FF 12508E DC Switch Chassis\nJG784A HP FF 12518E AC Switch Chassis\nJG785A HP FF 12518E DC Switch Chassis\nJG802A HP FF 12500E MPU\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n11900 Switch Series\n Fix in progress\nuse mitigations\n JG608A HP FF 11908-V Switch Chassis\nJG609A HP FF 11900 Main Processing Unit\n\n10500 Switch Series (Comware v5)\n Fix in progress\nuse mitigations\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC614A HP 10500 Main Processing Unit\nJC748A HP 10512 Switch Chassis\nJG375A HP 10500 TAA Main Processing Unit\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\n\n10500 Switch Series (Comware v7)\n Fix in progress\nuse mitigations\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC748A HP 10512 Switch Chassis\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\nJG496A HP 10500 Type A MPU w/Comware v7 OS\n\n9500E\n Fix in progress\nuse mitigations\n JC124A HP A9508 Switch Chassis\nJC124B HP 9505 Switch Chassis\nJC125A HP A9512 Switch Chassis\nJC125B HP 9512 Switch Chassis\nJC474A HP A9508-V Switch Chassis\nJC474B HP 9508-V Switch Chassis\n H3C S9505E Routing-Switch Chassis (0235A0G6)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9512E Routing-Switch Chassis (0235A0G7)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9505E Chassis w/ Fans (0235A38P)\nH3C S9512E Chassis w/ Fans (0235A38R)\n\nRouter 8800\n Fix in progress\nuse mitigations\n JC147A HP A8802 Router Chassis\nJC147B HP 8802 Router Chassis\nJC148A HP A8805 Router Chassis\nJC148B HP 8805 Router Chassis\nJC149A HP A8808 Router Chassis\nJC149B HP 8808 Router Chassis\nJC150A HP A8812 Router Chassis\nJC150B HP 8812 Router Chassis\nJC141A HP 8802 Main Control Unit Module\nJC138A HP 8805/08/12 (1E) Main Cntrl Unit Mod\nJC137A HP 8805/08/12 (2E) Main Cntrl Unit Mod\n H3C SR8805 10G Core Router Chassis (0235A0G8)\nH3C SR8808 10G Core Router Chassis (0235A0G9)\nH3C SR8812 10G Core Router Chassis (0235A0GA)\nH3C SR8802 10G Core Router Chassis (0235A0GC)\nH3C SR8802 10G Core Router Chassis (0235A31B)\nH3C SR8805 10G Core Router Chassis (0235A31C)\nH3C SR8808 10G Core Router Chassis (0235A31D)\nH3C SR8812 10G Core Router Chassis (0235A31E)\n\n7500 Switch Series\n Fix in progress\nuse mitigations\n JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T\nJC697A HP A7502 TAA Main Processing Unit\nJC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE\nJC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE\nJC700A HP A7500 384 Gbps TAA Fabric / MPU\nJC701A HP A7510 768 Gbps TAA Fabric / MPU\nJD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports\nJD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports\nJD194A HP 384 Gbps Fabric A7500 Module\nJD194B HP 7500 384Gbps Fabric Module\nJD195A HP 7500 384Gbps Advanced Fabric Module\nJD196A HP 7502 Fabric Module\nJD220A HP 7500 768Gbps Fabric Module\nJD238A HP A7510 Switch Chassis\nJD238B HP 7510 Switch Chassis\nJD239A HP A7506 Switch Chassis\nJD239B HP 7506 Switch Chassis\nJD240A HP A7503 Switch Chassis\nJD240B HP 7503 Switch Chassis\nJD241A HP A7506 Vertical Switch Chassis\nJD241B HP 7506-V Switch Chassis\nJD242A HP A7502 Switch Chassis\nJD242B HP 7502 Switch Chassis\nJD243A HP A7503 Switch Chassis w/1 Fabric Slot\nJD243B HP 7503-S Switch Chassis w/1 Fabric Slot\n H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4)\nH3C S7503E Ethernet Switch Chassis with Fan (0235A0G2)\nH3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5)\nH3C S7506E Ethernet Switch Chassis with Fan (0235A0G1)\nH3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3)\nH3C S7510E Ethernet Switch Chassis with Fan (0235A0G0)\nH3C S7502E Chassis w/ fans (0235A29A)\nH3C S7503E Chassis w/ fans (0235A27R)\nH3C S7503E-S Chassis w/ fans (0235A33R)\nH3C S7506E Chassis w/ fans (0235A27Q)\nH3C S7506E-V Chassis w/ fans (0235A27S)\n\nHSR6800\n Fix in progress\nuse mitigations\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6800 Russian Version\n Fix in progress\nuse mitigations\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6602\n Fix in progress\nuse mitigations\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\nHSR6602 Russian Version\n Fix in progress\nuse mitigations\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\nA6600\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\nA6600 Russian Version\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP Russian Version\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU\nJG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n5920 Switch Series\n Fix in progress\nuse mitigations\n JG296A HP 5920AF-24XG Switch\nJG555A HP 5920AF-24XG TAA Switch\n\n5900 Switch Series\n Fix in progress\nuse mitigations\n JC772A HP 5900AF-48XG-4QSFP+ Switch\nJG336A HP 5900AF-48XGT-4QSFP+ Switch\nJG510A HP 5900AF-48G-4XG-2QSFP+ Switch\nJG554A HP 5900AF-48XG-4QSFP+ TAA Switch\nJG838A HP FF 5900CP-48XG-4QSFP+ Switch\n\n5900 Virtual Switch\n Fix in progress\nuse mitigations\n JG814AAE HP Virtual Switch 5900v VMware E-LTU\nJG815AAE HP VSO SW for 5900v VMware E-LTU\n\n5830 Switch Series\n Fix in progress\nuse mitigations\n JC691A HP A5830AF-48G Switch w/1 Interface Slot\nJC694A HP A5830AF-96G Switch\nJG316A HP 5830AF-48G TAA Switch w/1 Intf Slot\nJG374A HP 5830AF-96G TAA Switch\n\n5820 Switch Series\n Fix in progress\nuse mitigations\n JC102A HP 5820-24XG-SFP+ Switch\nJC106A HP 5820-14XG-SFP+ Switch with 2 Slots\nJG219A HP 5820AF-24XG Switch\nJG243A HP 5820-24XG-SFP+ TAA-compliant Switch\nJG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots\n H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media\nmodules Plus OSM (0235A37L)\nH3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T\n(RJ45) (0235A370)\n\n5800 Switch Series\n Fix in progress\nuse mitigations\n JC099A HP 5800-24G-PoE Switch\nJC100A HP 5800-24G Switch\nJC101A HP 5800-48G Switch with 2 Slots\nJC103A HP 5800-24G-SFP Switch\nJC104A HP 5800-48G-PoE Switch\nJC105A HP 5800-48G Switch\nJG225A HP 5800AF-48G Switch\nJG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots\nJG254A HP 5800-24G-PoE+ TAA-compliant Switch\nJG255A HP 5800-24G TAA-compliant Switch\nJG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt\nJG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot\nJG258A HP 5800-48G TAA Switch w 1 Intf Slot\n H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot\n(0235A36U)\nH3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X\n(SFP Plus ) Plus 1 media module PoE (0235A36S)\nH3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus\nmedia module (no power) (0235A374)\nH3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus\n) Plus media module (0235A379)\nH3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module\n(0235A378)\nH3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM\n(0235A36W)\n\n5500 HI Switch Series\n Fix in progress\nuse mitigations\n JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch\nJG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch\nJG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt\nJG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt\nJG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt\nJG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt\nJG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt\nJG681A HP 5500-24G-SFP HI TAA Swch w/2Slt\n\n5500 EI Switch Series\n Fix in progress\nuse mitigations\n JD373A HP 5500-24G DC EI Switch\nJD374A HP 5500-24G-SFP EI Switch\nJD375A HP 5500-48G EI Switch\nJD376A HP 5500-48G-PoE EI Switch\nJD377A HP 5500-24G EI Switch\nJD378A HP 5500-24G-PoE EI Switch\nJD379A HP 5500-24G-SFP DC EI Switch\nJG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts\nJG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts\nJG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts\nJG250A HP 5500-24G EI TAA Switch w 2 Intf Slts\nJG251A HP 5500-48G EI TAA Switch w 2 Intf Slts\nJG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts\nJG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts\n H3C S5500-28C-EI Ethernet Switch (0235A253)\nH3C S5500-28F-EI Eth Switch AC Single (0235A24U)\nH3C S5500-52C-EI Ethernet Switch (0235A24X)\nH3C S5500-28C-EI-DC Ethernet Switch (0235A24S)\nH3C S5500-28C-PWR-EI Ethernet Switch (0235A255)\nH3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259)\nH3C S5500-52C-PWR-EI Ethernet Switch (0235A251)\n\n5500 SI Switch Series\n Fix in progress\nuse mitigations\n JD369A HP 5500-24G SI Switch\nJD370A HP 5500-48G SI Switch\nJD371A HP 5500-24G-PoE SI Switch\nJD372A HP 5500-48G-PoE SI Switch\nJG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts\nJG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts\n H3C S5500-28C-SI Ethernet Switch (0235A04U)\nH3C S5500-52C-SI Ethernet Switch (0235A04V)\nH3C S5500-28C-PWR-SI Ethernet Switch (0235A05H)\nH3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)\n\n5120 EI Switch Series\n Fix in progress\nuse mitigations\n JE066A HP 5120-24G EI Switch\nJE067A HP 5120-48G EI Switch\nJE068A HP 5120-24G EI Switch with 2 Slots\nJE069A HP 5120-48G EI Switch with 2 Slots\nJE070A HP 5120-24G-PoE EI Switch with 2 Slots\nJE071A HP 5120-48G-PoE EI Switch with 2 Slots\nJG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts\nJG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts\nJG245A HP 5120-24G EI TAA Switch w 2 Intf Slts\nJG246A HP 5120-48G EI TAA Switch w 2 Intf Slts\nJG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts\nJG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts\n H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ)\nH3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS)\nH3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR)\nH3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT)\nH3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU)\nH3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)\n\n5120 SI switch Series\n Fix in progress\nuse mitigations\n JE072A HP 5120-48G SI Switch\nJE073A HP 5120-16G SI Switch\nJE074A HP 5120-24G SI Switch\nJG091A HP 5120-24G-PoE+ (370W) SI Switch\nJG092A HP 5120-24G-PoE+ (170W) SI Switch\n H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W)\nH3C S5120-20P-SI L2\n16GE Plus 4SFP (0235A42B)\nH3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D)\nH3C S5120-28P-HPWR-SI (0235A0E5)\nH3C S5120-28P-PWR-SI (0235A0E3)\n\n4800 G Switch Series\n Fix in progress\nuse mitigations\n JD007A HP 4800-24G Switch\nJD008A HP 4800-24G-PoE Switch\nJD009A HP 4800-24G-SFP Switch\nJD010A HP 4800-48G Switch\nJD011A HP 4800-48G-PoE Switch\n\n 3Com Switch 4800G 24-Port (3CRS48G-24-91)\n3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91)\n3Com Switch 4800G 48-Port (3CRS48G-48-91)\n3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91)\n3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)\n\n4510G Switch Series\n Fix in progress\nuse mitigations\n JF428A HP 4510-48G Switch\nJF847A HP 4510-24G Switch\n\n 3Com Switch 4510G 48 Port (3CRS45G-48-91)\n3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91)\n3Com Switch E4510-24G (3CRS45G-24-91)\n\n4210G Switch Series\n Fix in progress\nuse mitigations\n JF844A HP 4210-24G Switch\nJF845A HP 4210-48G Switch\nJF846A HP 4210-24G-PoE Switch\n\n 3Com Switch 4210-24G (3CRS42G-24-91)\n3Com Switch 4210-48G (3CRS42G-48-91)\n3Com Switch E4210-24G-PoE (3CRS42G-24P-91)\n\n3610 Switch Series\n Fix in progress\nuse mitigations\n JD335A HP 3610-48 Switch\nJD336A HP 3610-24-4G-SFP Switch\nJD337A HP 3610-24-2G-2G-SFP Switch\nJD338A HP 3610-24-SFP Switch\n H3C S3610-52P - model LS-3610-52P-OVS (0235A22C)\nH3C S3610-28P - model LS-3610-28P-OVS (0235A22D)\nH3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E)\nH3C S3610-28F - model LS-3610-28F-OVS (0235A22F)\n\n3600 V2 Switch Series\n Fix in progress\nuse mitigations\n JG299A HP 3600-24 v2 EI Switch\nJG300A HP 3600-48 v2 EI Switch\nJG301A HP 3600-24-PoE+ v2 EI Switch\nJG301B HP 3600-24-PoE+ v2 EI Switch\nJG302A HP 3600-48-PoE+ v2 EI Switch\nJG302B HP 3600-48-PoE+ v2 EI Switch\nJG303A HP 3600-24-SFP v2 EI Switch\nJG304A HP 3600-24 v2 SI Switch\nJG305A HP 3600-48 v2 SI Switch\nJG306A HP 3600-24-PoE+ v2 SI Switch\nJG306B HP 3600-24-PoE+ v2 SI Switch\nJG307A HP 3600-48-PoE+ v2 SI Switch\nJG307B HP 3600-48-PoE+ v2 SI Switch\n\n3100V2\n Fix in progress\nuse mitigations\n JD313B HP 3100-24-PoE v2 EI Switch\nJD318B HP 3100-8 v2 EI Switch\nJD319B HP 3100-16 v2 EI Switch\nJD320B HP 3100-24 v2 EI Switch\nJG221A HP 3100-8 v2 SI Switch\nJG222A HP 3100-16 v2 SI Switch\nJG223A HP 3100-24 v2 SI Switch\n\n3100V2-48\n Fix in progress\nuse mitigations\n JG315A HP 3100-48 v2 Switch\n\n1910\n Fix in progress\nuse mitigations\n JE005A HP 1910-16G Switch\nJE006A HP 1910-24G Switch\nJE007A HP 1910-24G-PoE (365W) Switch\nJE008A HP 1910-24G-PoE(170W) Switch\nJE009A HP 1910-48G Switch\nJG348A HP 1910-8G Switch\nJG349A HP 1910-8G-PoE+ (65W) Switch\nJG350A HP 1910-8G-PoE+ (180W) Switch\n 3Com Baseline Plus Switch 2900 Gigabit Family - 52 port (3CRBSG5293)\n3Com Baseline Plus Switch 2900G - 20 port (3CRBSG2093)\n3Com Baseline Plus Switch 2900G - 28 port (3CRBSG2893)\n3Com Baseline Plus Switch 2900G - 28HPWR (3CRBSG28HPWR93)\n3Com Baseline Plus Switch 2900G - 28PWR (3CRBSG28PWR93)\n\n1810v1 P2\n Fix in progress\nuse mitigations\n J9449A HP 1810-8G Switch\nJ9450A HP 1810-24G Switch\n\n1810v1 PK\n Fix in progress\nuse mitigations\n J9660A HP 1810-48G Switch\n\nMSR20\n Fix in progress\nuse mitigations\n JD432A HP A-MSR20-21 Multi-Service Router\nJD662A HP MSR20-20 Multi-Service Router\nJD663A HP MSR20-21 Multi-Service Router\nJD663B HP MSR20-21 Router\nJD664A HP MSR20-40 Multi-Service Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\nH3C MSR 20-20 (0235A19H)\nH3C MSR 20-21 (0235A325)\nH3C MSR 20-40 (0235A19K)\nH3C MSR-20-21 Router (0235A19J)\n\nMSR20-1X\n Fix in progress\nuse mitigations\n JD431A HP MSR20-10 Router\nJD667A HP MSR20-15 IW Multi-Service Router\nJD668A HP MSR20-13 Multi-Service Router\nJD669A HP MSR20-13 W Multi-Service Router\nJD670A HP MSR20-15 A Multi-Service Router\nJD671A HP MSR20-15 AW Multi-Service Router\nJD672A HP MSR20-15 I Multi-Service Router\nJD673A HP MSR20-11 Multi-Service Router\nJD674A HP MSR20-12 Multi-Service Router\nJD675A HP MSR20-12 W Multi-Service Router\nJD676A HP MSR20-12 T1 Multi-Service Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\nJG209A HP MSR20-12-T-W Router (NA)\nJG210A HP MSR20-13-W Router (NA)\n H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\nH3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-11 (0235A31V)\nH3C MSR 20-12 (0235A32E)\nH3C MSR 20-12 T1 (0235A32B)\nH3C MSR 20-13 (0235A31W)\nH3C MSR 20-13 W (0235A31X)\nH3C MSR 20-15 A (0235A31Q)\nH3C MSR 20-15 A W (0235A31R)\nH3C MSR 20-15 I (0235A31N)\nH3C MSR 20-15 IW (0235A31P)\nH3C MSR20-12 W (0235A32G)\n\nMSR30\n Fix in progress\nuse mitigations\n JD654A HP MSR30-60 POE Multi-Service Router\nJD657A HP MSR30-40 Multi-Service Router\nJD658A HP MSR30-60 Multi-Service Router\nJD660A HP MSR30-20 POE Multi-Service Router\nJD661A HP MSR30-40 POE Multi-Service Router\nJD666A HP MSR30-20 Multi-Service Router\nJF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF232A HP RT-MSR3040-AC-OVS-AS-H3\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S)\nH3C MSR 30-20 (0235A19L)\nH3C MSR 30-20 POE (0235A239)\nH3C MSR 30-40 (0235A20J)\nH3C MSR 30-40 POE (0235A25R)\nH3C MSR 30-60 (0235A20K)\nH3C MSR 30-60 POE (0235A25S)\nH3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)\n\nMSR30-16\n Fix in progress\nuse mitigations\n JD659A HP MSR30-16 POE Multi-Service Router\nJD665A HP MSR30-16 Multi-Service Router\nJF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\nH3C MSR 30-16 (0235A237)\nH3C MSR 30-16 POE (0235A238)\n\nMSR30-1X\n Fix in progress\nuse mitigations\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\nH3C RT-MSR3011-AC-OVS-H3 (0235A29L)\n\nMSR50\n Fix in progress\nuse mitigations\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\n\nMSR50-G2\n Fix in progress\nuse mitigations\n JD429A HP MSR50 G2 Processor Module\nJD429B HP MSR50 G2 Processor Module\n H3C H3C MSR 50 Processor Module-G2 (0231A84Q)\nH3C MSR 50 High Performance Main Processing Unit 3GE (Combo)\n256F/1GD(0231A0KL)\n\nMSR20 Russian version\n Fix in progress\nuse mitigations\n JD663B HP MSR20-21 Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\n\nMSR20-1X Russian version\n Fix in progress\nuse mitigations\n JD431A HP MSR20-10 Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\n H3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\n\nMSR30 Russian version\n Fix in progress\nuse mitigations\n JF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\n\nMSR30-1X Russian version\n Fix in progress\nuse mitigations\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C RT-MSR3011-AC-OVS-H3 (0235A29L)\nH3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\n\nMSR30-16 Russian version\n Fix in progress\nuse mitigations\n JF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\n\nMSR50 Russian version\n Fix in progress\nuse mitigations\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR 50 Processor Module (0231A791)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\n\nMSR50 G2 Russian version\n Fix in progress\nuse mitigations\n JD429B HP MSR50 G2 Processor Module\n H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD\n(0231A0KL)\n\nMSR9XX\n Fix in progress\nuse mitigations\n JF812A HP MSR900 Router\nJF813A HP MSR920 Router\nJF814A HP MSR900-W Router\nJF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr\nJG207A HP MSR900-W Router (NA)\nJG208A HP MSR920-W Router (NA)\n H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b\n(0235A0C2)\nH3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX)\nH3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)\nH3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)\n\nMSR9XX Russian version\n Fix in progress\nuse mitigations\n JF812A HP MSR900 Router\nJF813A HP MSR920 Router\nJF814A HP MSR900-W Router\nJF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr\n H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX)\nH3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)\nH3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2)\nH3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)\n\nMSR93X\n Fix in progress\nuse mitigations\n JG511A HP MSR930 Router\nJG512A HP MSR930 Wireless Router\nJG513A HP MSR930 3G Router\nJG514A HP MSR931 Router\nJG515A HP MSR931 3G Router\nJG516A HP MSR933 Router\nJG517A HP MSR933 3G Router\nJG518A HP MSR935 Router\nJG519A HP MSR935 Wireless Router\nJG520A HP MSR935 3G Router\nJG531A HP MSR931 Dual 3G Router\nJG596A HP MSR930 4G LTE/3G CDMA Router\nJG597A HP MSR936 Wireless Router\nJG665A HP MSR930 4G LTE/3G WCDMA Global Router\nJG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n\nMSR93X Russian version\n Fix in progress\nuse mitigations\n JG511A HP MSR930 Router\nJG512A HP MSR930 Wireless Router\nJG513A HP MSR930 3G Router\nJG514A HP MSR931 Router\nJG515A HP MSR931 3G Router\nJG516A HP MSR933 Router\nJG517A HP MSR933 3G Router\nJG518A HP MSR935 Router\nJG519A HP MSR935 Wireless Router\nJG520A HP MSR935 3G Router\nJG531A HP MSR931 Dual 3G Router\nJG596A HP MSR930 4G LTE/3G CDMA Router\nJG597A HP MSR936 Wireless Router\nJG665A HP MSR930 4G LTE/3G WCDMA Global Router\nJG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n\nMSR1000\n Fix in progress\nuse mitigations\n JG732A HP MSR1003-8 AC Router\n\nMSR2000\n Fix in progress\nuse mitigations\n JG411A HP MSR2003 AC Router\n\nMSR3000\n Fix in progress\nuse mitigations\n JG404A HP MSR3064 Router\nJG405A HP MSR3044 Router\nJG406A HP MSR3024 AC Router\nJG409A HP MSR3012 AC Router\nJG861A HP MSR3024 TAA-compliant AC Router\n\nMSR4000\n Fix in progress\nuse mitigations\n JG402A HP MSR4080 Router Chassis\nJG403A HP MSR4060 Router Chassis\nJG412A HP MSR4000 MPU-100 Main Processing Unit\n\nF5000\n Fix in progress\nuse mitigations\n JG216A HP F5000 Firewall Standalone Chassis\nJD259A HP A5000-A5 VPN Firewall Chassis\n H3C SecPath F5000-A5 Host System (0150A0AG)\n\nU200S and CS\n Fix in progress\nuse mitigations\n JD268A HP 200-CS UTM Appliance\nJD273A HP U200-S UTM Appliance\n H3C SecPath U200-S (0235A36N)\n\nU200A and M\n Fix in progress\nuse mitigations\n JD274A HP 200-M UTM Appliance\nJD275A HP U200-A UTM Appliance\n H3C SecPath U200-A (0235A36Q)\n\nF1000A and S\n Fix in progress\nuse mitigations\n JD270A HP S1000-S VPN Firewall Appliance\nJD271A HP S1000-A VPN Firewall Appliance\nJG213A HP F1000-S-EI VPN Firewall Appliance\nJG214A HP F1000-A-EI VPN Firewall Appliance\n\nSecBlade FW\n Fix in progress\nuse mitigations\n JC635A HP 12500 VPN Firewall Module\nJD245A HP 9500 VPN Firewall Module\nJD249A HP 10500/7500 Advanced VPN Firewall Mod\nJD250A HP 6600 Firewall Processing Rtr Module\nJD251A HP 8800 Firewall Processing Module\nJD255A HP 5820 VPN Firewall Module\n H3C S9500E SecBlade VPN Firewall Module (0231A0AV)\nH3C S7500E SecBlade VPN Firewall Module (0231A832)\nH3C SR66 Gigabit Firewall Module (0231A88A)\nH3C SR88 Firewall Processing Module (0231A88L)\nH3C S5820 SecBlade VPN Firewall Module (0231A94J)\n\nF1000E\n Fix in progress\nuse mitigations\n JD272A HP S1000-E VPN Firewall Appliance\n\nVSR1000\n Fix in progress\nuse mitigations\n JG810AAE HP VSR1001 Virtual Services Router\nJG811AAE HP VSR1001 Virtual Services Router\nJG812AAE HP VSR1004 Virtual Services Router\nJG813AAE HP VSR1008 Virtual Services Router\n\nWX5002/5004\n Fix in progress\nuse mitigations\n JD441A HP 5800 ACM for 64-256 APs\nJD447B HP WX5002 Access Controller\nJD448A HP A-WX5004 Access Controller\nJD448B HP WX5004 Access Controller\nJD469A HP A-WX5004 (3Com) Access Controller\nJG261A HP 5800 Access Controller OAA TAA Mod\n\nHP 850/870\n Fix in progress\nuse mitigations\n JG723A HP 870 Unified Wired-WLAN Appliance\nJG725A HP 870 Unifd Wrd-WLAN TAA Applnc\n\nHP 830\n Fix in progress\nuse mitigations\n JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch\nJG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch\nJG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch\nJG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch\n\nHP 6000\n Fix in progress\nuse mitigations\n JG639A HP 10500/7500 20G Unified Wired-WLAN Mod\nJG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod\n\nM220\n Fix in progress\nuse mitigations\n J9798A HP M220 802.11n AM Access Point\nJ9799A HP M220 802.11n WW Access Point\n\nNGFW\n Fix in progress\nuse mitigations\n JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic\nJC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic\nJC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic\nJC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic\nJC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic\n\niMC UAM 7.0\n Fix in progress\nuse mitigations\n JD144A HP IMC UAM S/W Module w/200-User License\nJF388A HP IMC UAM S/W Module w/200-user License\nJD435A HP IMC EAD Client Software\nJF388AAE HP IMC UAM S/W Module w/200-user E-LTU\nJG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU\n\niMC EAD 7.0\n Fix in progress\nuse mitigations\n JF391AAE HP IMC EAD S/W Module w/200-user E-LTU\nJG754AAE HP IMC EAD SW Module w/ 50-user E-LTU\nJD147A HP IMC Endpoint Admission Defense Software Module with 200-user\nLicense\nJF391A HP IMC EAD S/W Module w/200-user License\n\niMC PLAT 7.0\n Fix in progress\nuse mitigations\n JF377AAE HP IMC Standard Edition Software Platform with 100-node E-LTU\nJG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\nJG747AAE HP IMC Standard Software Platform with 50-node E-LTU\nJG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\nJD125A HP IMC Standard Edition Software Platform with 100-node License\nJD815A HP IMC Standard Edition Software Platform with 100-node License\nJD816A HP A-IMC Standard Edition Software DVD Media\nJF377A HP IMC Standard Edition Software Platform with 100-node License\nJF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU\nJF289AAE HP Enterprise Management System to Intelligent Management Center\nUpgrade E-LTU\nTJ635AAE HP IMC for ANM 50 node pack SW E-LTU (On HP Softwares CPL\nnot HPNs)\nJF378AAE HP IMC Enterprise Edition Software Platform with 200-Node E-LTU\nJG748AAE HP IMC Enterprise Software Platform with 50-node E-LTU\nJD126A HP A-IMC Enterprise Software Platform with 200-node License\nJD808A HP A-IMC Enterprise Software Platform with 200-node License\nJD814A HP A-IMC Enterprise Edition Software DVD Media\nJF378A HP IMC Enterprise Edition Software Platform with 200-node License\nJG546AAE HP IMC Basic SW Platform w/50-node E-LTU\nJG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\nJG550AAE HP PMM to IMC Bsc WLM Upgr w/150 AP E-LTU\nJG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\nJG659AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU\nJG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU\nJG660AAE HP IMC Smart Connect w / WLAN Manager Virtual Appliance Edition\nE-LTU\nJG767AAE HP IMC Smart Connect with Wireless Service Manager Virtual Appliance\nSoftware E-LTU\n\nHISTORY\nVersion:1 (rev.1) - 20 June 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlOkrM4ACgkQ4B86/C0qfVn7/QCeK5T1H9dXfVQgIKSr5USqLmvq\nCtMAnjujH7e5aXfIOvxyyuB0FcSwIWCM\n=CEL7\n-----END PGP SIGNATURE-----\n. \nOpenSSL is a 3rd party product that is embedded with some HP printer\nproducts. This bulletin notifies HP Printer customers about impacted\nproducts. To obtain the updated firmware, go to www.hp.com and follow\nthese steps:\n\nSelect \"Drivers \u0026 Software\". \nEnter the appropriate product name listed in the table below into the search\nfield. \nClick on \"Search\". \nClick on the appropriate product. \nUnder \"Select operating system\" click on \"Cross operating system (BIOS,\nFirmware, Diagnostics, etc.)\"\nNote: If the \"Cross operating system ...\" link is not present, select\napplicable Windows operating system from the list. \nSelect the appropriate firmware update under \"Firmware\". \n\nFirmware Updates Table\n\nProduct Name\n Model Number\n Firmware Revision\n\nHP Color LaserJet CM4540 MFP\n CC419A, CC420A, CC421A\n v 2302963_436067 (or higher)\n\nHP Color LaserJet CP5525\n CE707A,CE708A,CE709A\n v 2302963_436070 (or higher)\n\nHP Color LaserJet Enterprise M750\n D3L08A, D3L09A, D3L10A\n v 2302963_436077 (or higher)\n\nHP Color LaserJet M651\n CZ255A, CZ256A, CZ257A, CZ258A\n v 2302963_436073 (or higher)\n\nHP Color LaserJet M680\n CZ248A, CZ249A\n v 2302963_436072 (or higher)\n\nHP Color LaserJet Flow M680\n CZ250A, CA251A\n v 2302963_436072 (or higher)\n\nHP LaserJet Enterprise 500 color MFP M575dn\n CD644A, CD645A\n v 2302963_436081 (or higher)\n\nHP LaserJet Enterprise 500 MFP M525f\n CF116A, CF117A\n v 2302963_436069 (or higher)\n\nHP LaserJet Enterprise 600 M601 Series\n CE989A, CE990A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise 600 M602 Series\n CE991A, CE992A, CE993A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise 600 M603 Series\n CE994A, CE995A, CE996A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise MFP M630 series\n B3G84A, B3G85A, B3G86A, J7X28A\n v 2303714_233000041 (or higher)\n\nHP LaserJet Enterprise 700 color M775 series\n CC522A, CC523A, CC524A, CF304A\n v 2302963_436079 (or higher)\n\nHP LaserJet Enterprise 700 M712 series\n CF235A, CF236A, CF238A\n v 2302963_436080 (or higher)\n\nHP LaserJet Enterprise 800 color M855\n A2W77A, A2W78A, A2W79A\n v 2302963_436076 (or higher)\n\nHP LaserJet Enterprise 800 color MFP M880\n A2W76A, A2W75A, D7P70A, D7P71A\n v 2302963_436068 (or higher)\n\nHP LaserJet Enterprise Color 500 M551 Series\n CF081A,CF082A,CF083A\n v 2302963_436083 (or higher)\n\nHP LaserJet Enterprise color flow MFP M575c\n CD646A\n v 2302963_436081 (or higher)\n\nHP LaserJet Enterprise flow M830z MFP\n CF367A\n v 2302963_436071 (or higher)\n\nHP LaserJet Enterprise flow MFP M525c\n CF118A\n v 2302963_436069 (or higher)\n\nHP LaserJet Enterprise M4555 MFP\n CE502A,CE503A, CE504A, CE738A\n v 2302963_436064 (or higher)\n\nHP LaserJet Enterprise M806\n CZ244A, CZ245A\n v 2302963_436075 (or higher)\n\nHP LaserJet Enterprise MFP M725\n CF066A, CF067A, CF068A, CF069A\n v 2302963_436078 (or higher)\n\nHP Scanjet Enterprise 8500 Document Capture Workstation\n L2717A, L2719A\n v 2302963_436065 (or higher)\n\nOfficeJet Enterprise Color MFP X585\n B5L04A, B5L05A,B5L07A\n v 2302963_436066 (or higher)\n\nOfficeJet Enterprise Color X555\n C2S11A, C2S12A\n v 2302963_436074 (or higher)\n\nHP Color LaserJet CP3525\n CC468A, CC469A, CC470A, CC471A\n v 06.183.1 (or higher)\n\nHP LaserJet M4345 Multifunction Printer\n CB425A, CB426A, CB427A, CB428A\n v 48.306.1 (or higher)\n\nHP LaserJet M5025 Multifunction Printer\n Q7840A\n v 48.306.1 (or higher)\n\nHP Color LaserJet CM6040 Multifunction Printer\n Q3938A, Q3939A\n v 52.256.1 (or higher)\n\nHP Color LaserJet Enterprise CP4525\n CC493A, CC494A, CC495A\n v 07.164.1 (or higher)\n\nHP Color LaserJet Enterprise CP4025\n CC489A, CC490A\n v 07.164.1 (or higher)\n\nHP LaserJet M5035 Multifunction Printer\n Q7829A, Q7830A, Q7831A\n v 48.306.1 (or higher)\n\nHP LaserJet M9050 Multifunction Printer\n CC395A\n v 51.256.1 (or higher)\n\nHP LaserJet M9040 Multifunction Printer\n CC394A\n v 51.256.1 (or higher)\n\nHP Color LaserJet CM4730 Multifunction Printer\n CB480A, CB481A, CB482A, CB483A\n v 50.286.1 (or higher)\n\nHP LaserJet M3035 Multifunction Printer\n CB414A, CB415A, CC476A, CC477A\n v 48.306.1 (or higher)\n\nHP 9250c Digital Sender\n CB472A\n v 48.293.1 (or higher)\n\nHP LaserJet Enterprise P3015\n CE525A,CE526A,CE527A,CE528A,CE595A\n v 07.186.1 (or higher)\n\nHP LaserJet M3027 Multifunction Printer\n CB416A, CC479A\n v 48.306.1 (or higher)\n\nHP LaserJet CM3530 Multifunction Printer\n CC519A, CC520A\n v 53.236.1 (or higher)\n\nHP Color LaserJet CP6015\n Q3931A, Q3932A, Q3933A, Q3934A, Q3935A\n v 04.203.1 (or higher)\n\nHP LaserJet P4515\n CB514A,CB515A, CB516A, CB517A\n v 04.213.1 (or higher)\n\nHP Color LaserJet CM6030 Multifunction Printer\n CE664A, CE665A\n v 52.256.1 (or higher)\n\nHP LaserJet P4015\n CB509A, CB526A, CB511A, CB510A\n v 04.213.1 (or higher)\n\nHP LaserJet P4014\n CB507A, CB506A, CB512A\n v 04.213.1 (or higher)\n\nHISTORY\nVersion:1 (rev.1) - 22 September 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0224",
"trust": 2.7
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#978508",
"trust": 1.9
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "59824",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59380",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59661",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59191",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59188",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60176",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59375",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59101",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59163",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59142",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59186",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60567",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59445",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58639",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59282",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59132",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59506",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59383",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59135",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58492",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60066",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58667",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59223",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59004",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59459",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59214",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59338",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59429",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60577",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59530",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59448",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58759",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59012",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59894",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59055",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59368",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58716",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60049",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59043",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59878",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59370",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59435",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59495",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59120",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58579",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59529",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59284",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59389",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58745",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59167",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58128",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59442",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59093",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59885",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58660",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59460",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59354",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58743",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59362",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59446",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59602",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59305",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58433",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59502",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59374",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59528",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59325",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58385",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60819",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59525",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59231",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59202",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59190",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59447",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59589",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "60522",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58742",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59677",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "61815",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59483",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59063",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58719",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59444",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59211",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59827",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59215",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59347",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58930",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "59916",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.6
},
{
"db": "SIEMENS",
"id": "SSA-234763",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1031594",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1031032",
"trust": 1.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4645",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-24443",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080",
"trust": 0.6
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "DLINK",
"id": "SAP10046",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10643",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10659",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "JVN",
"id": "JVN61247051",
"trust": 0.3
},
{
"db": "BID",
"id": "67899",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0224",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127166",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127422",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127403",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127190",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128345",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"id": "VAR-201406-0445",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4594171644
},
"last_update_date": "2024-07-23T21:30:24.345000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "openssl-1.0.1h",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51081"
},
{
"title": "openssl-1.0.0m",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51080"
},
{
"title": "openssl-0.9.8za",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51079"
},
{
"title": "Amazon Linux AMI: ALAS-2014-351",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-351"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=d0eef6c81e529a1b8e4ea4b72eaef4d0"
},
{
"title": "Amazon Linux AMI: ALAS-2014-350",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-350"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b92b65104373bc8476811ff1b99cd369"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=a7d1e620ea07a6fd4d3ec24012763337"
},
{
"title": "Red Hat: CVE-2014-0224",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0224"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-3"
},
{
"title": "HP: HPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03107"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Tenable Security Advisories: [R8] Tenable Products Affected by OpenSSL \u0027CCS Injection\u0027 Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2014-03"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2014-0224 "
},
{
"title": "crochet-technologies",
"trust": 0.1,
"url": "https://github.com/crochet-technology/crochet-technologies "
},
{
"title": "openssl-ccs-cve-2014-0224",
"trust": 0.1,
"url": "https://github.com/ssllabs/openssl-ccs-cve-2014-0224 "
},
{
"title": "android-development-best-practices",
"trust": 0.1,
"url": "https://github.com/niharika2810/android-development-best-practices "
},
{
"title": "ssl-grader",
"trust": 0.1,
"url": "https://github.com/sslyze410-sslgrader-wciphersuite-info/ssl-grader "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/dtarnawsky/capacitor-plugin-security-provider "
},
{
"title": "qualysparser",
"trust": 0.1,
"url": "https://github.com/pr4jwal/qualysparser "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/wanderwille/13.01 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 2.5,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 2.2,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1020948"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg1it02314"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676877"
},
{
"trust": 2.2,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 2.2,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004678"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 2.2,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 2.0,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 1.9,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29217"
},
{
"trust": 1.9,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.9,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1"
},
{
"trust": 1.9,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678233"
},
{
"trust": 1.9,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 1.9,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html"
},
{
"trust": 1.9,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.9,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037730"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037727"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676833"
},
{
"trust": 1.9,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.9,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.9,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 1.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020172"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0630.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0631.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0633.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0632.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0627.html"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0680.html"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 1.9,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095740"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677131"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676478"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037731"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037732"
},
{
"trust": 1.9,
"url": "http://www.kb.cert.org/vuls/id/978508"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59661"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60522"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"trust": 1.6,
"url": "https://access.redhat.com/site/blogs/766093/posts/908133"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140784085708882\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.6,
"url": "http://linux.oracle.com/errata/elsa-2014-1053.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58579"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59305"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.6,
"url": "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59429"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676333"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676334"
},
{
"trust": 1.6,
"url": "http://ccsinjection.lepidum.co.jp"
},
{
"trust": 1.6,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140852757108392\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6061\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58667"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59878"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140870499402361\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60066"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141025641601169\u0026w=2"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140386311427810\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59093"
},
{
"trust": 1.6,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140369637402535\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59530"
},
{
"trust": 1.6,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59894"
},
{
"trust": 1.6,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2014/jun/38"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58433"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59885"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59525"
},
{
"trust": 1.6,
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141147110427269\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677567"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59529"
},
{
"trust": 1.6,
"url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/releasenotes_for_snare_for_mssql.pdf"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59528"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:105"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59063"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141383410222440\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59186"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/61815"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140604261522465\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59188"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60049"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59190"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59191"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58660"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59502"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59506"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60176"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59282"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59163"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59284"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59043"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59167"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58742"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676845"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58743"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58745"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0624.html"
},
{
"trust": 1.6,
"url": "https://www.imperialviolet.org/2014/06/05/earlyccs.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59055"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140794476212181\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59602"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58759"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58639"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6060\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1031032"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59380"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59383"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59142"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0626.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59389"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140983229106599\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www.splunk.com/view/sp-caaam2d"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677390"
},
{
"trust": 1.6,
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60819"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037729"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59824"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103586"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59827"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.6,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59120"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59362"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59483"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59004"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59916"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.6,
"url": "http://esupport.trendmicro.com/solution/en-us/1103813.aspx"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv61506"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59370"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.6,
"url": "http://puppetlabs.com/security/cve/cve-2014-0224"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59132"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59374"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59495"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59012"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59375"
},
{
"trust": 1.6,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140499864129699\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59135"
},
{
"trust": 1.6,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59368"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58716"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58719"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1031594"
},
{
"trust": 1.6,
"url": "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677080"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58492"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59460"
},
{
"trust": 1.6,
"url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/releasenotes_for_snare_for_windows.pdf"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59101"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59223"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59215"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60567"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004690"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59214"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58128"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59338"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59459"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676786"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59231"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59354"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58385"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59347"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59589"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60577"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140852826008699\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58930"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=141164638606214\u0026w=2"
},
{
"trust": 1.6,
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_release_notes.pdf"
},
{
"trust": 1.6,
"url": "https://discussions.nessus.org/thread/7517"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676536"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59442"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59202"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59444"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59435"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59677"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037870"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.6,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.6,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59211"
},
{
"trust": 1.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ssg1s1004670"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=140672208601650\u0026w=2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ssg1s1004671"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59325"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59446"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59445"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59448"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59447"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.0,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=bc8923b1ec9c467755cd86f7848c50ee8812e441"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=bc8923b1ec9c467755cd86f7848c50ee8812e441"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914246-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4645/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/solutions/len-24443"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032618"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/en-us/support/knowledgebase/121112.aspx"
},
{
"trust": 0.3,
"url": "http://sylpheed.sraoss.jp/en/news.html"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://www.arubanetworks.com/support/alerts/aid-06062014.txt"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "http://bugs.python.org/issue21671"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004805"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04438404"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687640"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21682840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678073"
},
{
"trust": 0.3,
"url": "http://www.websense.com/support/article/kbarticle/july-2014-hotfix-summary-for-websense-solutions"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10643\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://jvn.jp/en/jp/jvn61247051/index.html"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/10/openssl-man-in-the-middle-vulnerability-sophos-product-status-2/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.innominate.com/data/downloads/software/innominate_security_advisory_20140606_001_en.pdf"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004758"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004747"
},
{
"trust": 0.3,
"url": "http://openvpn.net/index.php/open-source/downloads.html"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://community.rapid7.com/community/metasploit/blog/2014/06/05/security-advisory-openssl-vulnerabilities-cve-2014-0224-cve-2014-0221-in-metasploit"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096059"
},
{
"trust": 0.3,
"url": "http://blogs.splunk.com/2014/06/09/splunk-and-the-latest-openssl-vulnerabilities/"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/16/utm-up2date-9-113-released/"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/18/utm-up2date-9-203-released/"
},
{
"trust": 0.3,
"url": " https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04404764"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04385138"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101007404"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/21"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/9"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10659"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181096"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678040"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1it02314"
},
{
"trust": 0.3,
"url": "http://kb.parallels.com/en/121916"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036409"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032650#5.0.0.15"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032651"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034955"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020948"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04401858"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04397114"
},
{
"trust": 0.3,
"url": " https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479505"
},
{
"trust": 0.3,
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04512909"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368264"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347622"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347711"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docdisplay?docid=emr_na-c04351097"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368546"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04370307"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04392919"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04398968"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04401666"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04451722"
},
{
"trust": 0.3,
"url": "https://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?spf_p.tpst=kbdocdisplay\u0026spf_p.prp_kbdocdisplay=wsrp-navigationalstate%3ddocid%253demr_na-c04406535-1%257cdoclocale%253d%"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docdisplay?docid=emr_na-c04425253"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04595094"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001840"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181215"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg24037729"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678413"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680706,swg21680707,nas8n1020200,swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680707,nas8n1020200,swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004830"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678660"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677891"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676536"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095910"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/33a01-5228bdf5d027e/cert_security_mini-_bulletin_xrx15ao_for_cq8570-cq8870_v1-0.pdf"
},
{
"trust": 0.3,
"url": "http://www.novell.com/support/kb/doc.php?id=7015158"
},
{
"trust": 0.3,
"url": "http://securityadvisories.paloaltonetworks.com/home/detail/23?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:14.openssl.asc"
},
{
"trust": 0.3,
"url": "https://bto.bluecoat.com/security-advisory/sa80"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181079"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181566"
},
{
"trust": 0.3,
"url": "https://library.netapp.com/ecm/ecm_get_file/ecmp1636026"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676276"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676786"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0629.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21677225"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682398"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095738"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21683336"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021064"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21677080"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676877"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095841"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004678"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004824"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004690"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676542"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676543"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004744"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676333"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676708"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676505"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/stable-channel-update-for-chrome-os.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001842"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001839"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004821"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004670"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=ssg1s1004671"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://winscp.net/eng/docs/history#5.5.4"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00073"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00074"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00070"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00076"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00079"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00071"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00075"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00078"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00072"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00077"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-3"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1332643"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/km01028458"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/km01020441"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=c03536"
},
{
"trust": 0.1,
"url": "https://www.hp.com"
}
],
"sources": [
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127422"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67899"
},
{
"date": "2014-08-20T15:18:26",
"db": "PACKETSTORM",
"id": "127936"
},
{
"date": "2014-06-24T00:52:51",
"db": "PACKETSTORM",
"id": "127166"
},
{
"date": "2014-07-28T20:36:25",
"db": "PACKETSTORM",
"id": "127630"
},
{
"date": "2014-07-11T21:05:34",
"db": "PACKETSTORM",
"id": "127422"
},
{
"date": "2014-07-09T17:11:19",
"db": "PACKETSTORM",
"id": "127403"
},
{
"date": "2014-06-24T01:45:14",
"db": "PACKETSTORM",
"id": "127190"
},
{
"date": "2014-09-22T16:56:00",
"db": "PACKETSTORM",
"id": "128345"
},
{
"date": "2014-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"date": "2014-06-05T21:55:07.817000",
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"date": "2017-10-19T03:03:00",
"db": "BID",
"id": "67899"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-080"
},
{
"date": "2023-11-07T02:18:13.190000",
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127403"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Encryption problem vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-080"
}
],
"trust": 0.6
}
}
VAR-201406-0137
Vulnerability from variot - Updated: 2024-07-23 21:11The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DTLS packets. The issue lies in the assumption that all fragments specify the same message size. An attacker could leverage this vulnerability to execute code in the context of the process using OpenSSL. The following are vulnerable: OpenSSL 0.9.8 prior to 0.9.8za OpenSSL 1.0.0 prior to 1.0.0m OpenSSL 1.0.1 prior to 1.0.1h. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications.
We apologize for the inconvenience. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0195) Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. (CVE-2014-0224) Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled anonymous ECDH ciphersuites. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-3470)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.21
After a standard system update you need to reboot your computer to make all the necessary changes.
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The updated packages have been upgraded to the 1.0.0m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://www.openssl.org/news/secadv_20140605.txt
Updated Packages:
Mandriva Business Server 1/X86_64: 857d06ddc6423ad124b23eb760459033 mbs1/x86_64/lib64openssl1.0.0-1.0.0m-1.mbs1.x86_64.rpm d7436f2f95df5c1d64d44a745f125bd8 mbs1/x86_64/lib64openssl-devel-1.0.0m-1.mbs1.x86_64.rpm 67f6cd6da42f01fb2f6054a2f96872af mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0m-1.mbs1.x86_64.rpm 5d7c5712c1ce70a2dd2596e803bc7004 mbs1/x86_64/lib64openssl-static-devel-1.0.0m-1.mbs1.x86_64.rpm 9866e03e1c112b0c4cb5587b142cfa63 mbs1/x86_64/openssl-1.0.0m-1.mbs1.x86_64.rpm 9ac714afa9a9b30419f2f1f5c9ec4e48 mbs1/SRPMS/openssl-1.0.0m-1.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFTlcuxmqjQ0CJFipgRAtEQAJsEeYwuETVPTeadp+pdK9wJfQqgOgCfXDif 30xyBHFmHJa6MS/00iqN2aY= =9sdw -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04355095
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04355095 Version: 1
HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-08-08 Last Updated: 2014-08-08
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) running on Linux and Windows. These components of HP Insight Control server deployment could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. This bulletin provides the information needed to update the HP Insight Control server deployment solution.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101628
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.1 of HP Insight Control server deployment to resolve this vulnerability. HP has provided manual update steps if a version upgrade is not possible; if users wish to remain at v7.1.2, v7.2.0, or v7.2.1.
Note: It is important to check your current running version of HP Insight Control server deployment and to follow the correct steps listed below. For HP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and follow the steps below to remove the vulnerability. The vulnerability known as Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server deployment v7.3.1. That Security Bulletin with instructions on how to upgrade to v7.3.1 can be found here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n a-c04267749
HP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should take the following steps to remove this vulnerability.
Delete the files smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, rows 1 and 2. Delete the files "vcax86-.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba smhamd64-ccp023716.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 smhx86-cp023715.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13 vcax86-cp023742.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2 vcaamd64-cp023743.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Download and extract the HPSUM 5.3.6 component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793
Copy all content from extracted ZIP folder and paste into \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 on targets running Windows.
HP Insight Control server deployment users with v7.2.2:
Please upgrade to Insight Control server deployment v7.3.1 and follow the steps below for v7.3.1.
HP Insight Control server deployment users with v7.3.1:
Perform steps 1 - 4 as outlined above for users with HP Insight Control server deployment v7.1.2, v7.2.0, and v7.2.1. Download the HP SUM ZIP file from http://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f
Extract the contents from the HP SUM ZIP file to \eXpress\hpfeatures\fw-proLiant\components location on the Insight Control server deployment server
Related security bulletins:
For System Management Homepage please see Security bulletin HPSBMU03051 https ://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04 345210
For HP Version Control Agent please see Security bulletin HPSBMU03057 https:/ /h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434 9897
HISTORY Version:1 (rev.1) - 8 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlPk9ewACgkQ4B86/C0qfVn1/gCfR2U/mZZXYwPms9ptZcBTua/5 MoQAn1qlQ3kmLRs7YFN5GzwBTRfSK5Go =r0qe -----END PGP SIGNATURE----- .
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1h-r1"
References
[ 1 ] CVE-2010-5298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298 [ 2 ] CVE-2014-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195 [ 3 ] CVE-2014-0198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198 [ 4 ] CVE-2014-0221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221 [ 5 ] CVE-2014-0224 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224 [ 6 ] CVE-2014-3470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470 [ 7 ] OpenSSL Security Advisory [05 Jun 2014] http://www.openssl.org/news/secadv_20140605.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201407-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Summary
VMware product updates address OpenSSL security vulnerabilities.
- Problem Description
a.
OpenSSL libraries have been updated in multiple products to
versions 0.9.8za and 1.0.1h in order to resolve multiple security
issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0224, CVE-2014-0198,
CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to
these issues. The most important of these issues is
CVE-2014-0224.
CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to
be of moderate severity. Exploitation is highly unlikely or is
mitigated due to the application configuration.
CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL
Security Advisory (see Reference section below), do not affect
any VMware products. For readability
the affected products have been split into 3 tables below,
based on the different client-server configurations and
deployment scenarios. Applying these patches to
affected servers will mitigate the affected clients (See Table 1
below).
Clients that communicate over untrusted networks such as public
Wi-Fi and communicate to a server running a vulnerable version of
OpenSSL 1.0.1. can be mitigated by using a secure network such as
VPN (see Table 2 below).
Clients and servers that are deployed on an isolated network are
less exposed to CVE-2014-0224 (see Table 3 below). The affected
products are typically deployed to communicate over the
management network.
RECOMMENDATIONS
VMware recommends customers evaluate and deploy patches for
affected Servers in Table 1 below as these patches become
available. Patching these servers will remove the ability to
exploit the vulnerability described in CVE-2014-0224 on both
clients and servers. VMware recommends customers consider
applying patches to products listed in Table 2 & 3 as required.
Column 4 of the following tables lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
ESXi 5.5 ESXi ESXi550-
201406401-SG
Big Data Extensions 1.1 patch pending
Charge Back Manager 2.6 patch pending
Horizon Workspace Server
GATEWAY 1.8.1 patch pending
Horizon Workspace Server
GATEWAY 1.5 patch pending
Horizon Workspace Server
DATA 1.8.1 patch pending
Horizon Mirage Edge Gateway 4.4.2 patch pending
Horizon View 5.3.1 patch pending
Horizon View Feature Pack 5.3 SP2 patch pending
NSX for Multi-Hypervisor 4.1.2 patch pending
NSX for Multi-Hypervisor 4.0.3 patch pending
NSX for vSphere 6.0.4 patch pending
NVP 3.2.2 patch pending
vCAC 6.0.1 patch pending
vCloud Networking and Security 5.5.2 patch pending
vCloud Networking and Security 5.1.2 patch pending
vFabric Web Server 5.3.4 patch pending
vCHS - DPS-Data Protection 2.0 patch pending
Service
Table 2
========
Affected clients running a vulnerable version of OpenSSL 0.9.8
or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCSA 5.5 patch pending
vCSA 5.1 patch pending
vCSA 5.0 patch pending
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending
Workstation 10.0.2 any patch pending
Workstation 9.0.3 any patch pending
Fusion 6.x OSX patch pending
Fusion 5.x OSX patch pending
Player 10.0.2 any patch pending
Player 9.0.3 any patch pending
Chargeback Manager 2.5.x patch pending
Horizon Workspace Client for 1.8.1 OSX patch pending
Mac
Horizon Workspace Client for 1.5 OSX patch pending
Mac
Horizon Workspace Client for 1.8.1 Windows patch pending
Windows
Horizon Workspace Client for 1.5 Windows patch pending
OVF Tool 3.5.1 patch pending
OVF Tool 3.0.1 patch pending
vCenter Operations Manager 5.8.1 patch pending
vCenter Support Assistant 5.5.0 patch pending
vCenter Support Assistant 5.5.1 patch pending
vCD 5.1.2 patch pending
vCD 5.1.3 patch pending
vCD 5.5.1.1 patch pending
vCenter Site Recovery Manager 5.0.3.1 patch pending
Table 3
=======
The following table lists all affected clients running a
vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating
over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCenter Server 5.5 any patch pending
vCenter Server 5.1 any patch pending
vCenter Server 5.0 any patch pending
Update Manager 5.5 Windows patch pending
Update Manager 5.1 Windows patch pending
Update Manager 5.0 Windows patch pending
Config Manager (VCM) 5.6 patch pending
Horizon View Client 5.3.1 patch pending
Horizon View Client 4.x patch pending
Horizon Workspace 1.8.1 patch pending
Horizon Workspace 1.5 patch pending
ITBM Standard 1.0.1 patch pending
ITBM Standard 1.0 patch pending
Studio 2.6.0.0 patch pending
Usage Meter 3.3 patch pending
vCenter Chargeback Manager 2.6 patch pending
vCenter Converter Standalone 5.5 patch pending
vCenter Converter Standalone 5.1 patch pending
vCD (VCHS) 5.6.2 patch pending
vCenter Site Recovery Manager 5.5.1 patch pending
vCenter Site Recovery Manager 5.1.1 patch pending
vFabric Application Director 5.2.0 patch pending
vFabric Application Director 5.0.0 patch pending
View Client 5.3.1 patch pending
View Client 4.x patch pending
VIX API 5.5 patch pending
VIX API 1.12 patch pending
vMA (Management Assistant) 5.1.0.1 patch pending
VMware Data Recovery 2.0.3 patch pending
VMware vSphere CLI 5.5 patch pending
vSphere Replication 5.5.1 patch pending
vSphere Replication 5.6 patch pending
vSphere SDK for Perl 5.5 patch pending
vSphere Storage Appliance 5.5.1 patch pending
vSphere Storage Appliance 5.1.3 patch pending
vSphere Support Assistant 5.5.1 patch pending
vSphere Support Assistant 5.5.0 patch pending
vSphere Virtual Disk 5.5 patch pending
Development Kit
vSphere Virtual Disk 5.1 patch pending
Development Kit
vSphere Virtual Disk 5.0 patch pending
Development Kit
- Solution
ESXi 5.5
Download: https://www.vmware.com/patchmgr/download.portal
Release Notes and Remediation Instructions: http://kb.vmware.com/kb/2077359
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
https://www.openssl.org/news/secadv_20140605.txt
- Change Log
2014-06-10 VMSA-2014-0006 Initial security advisory in conjunction with the release of ESXi 5.5 updates on 2014-06-10
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved. The updates are available from the following location using ftp:
ftp://srt03046:Secure12@ftp.usa.hp.com
User name: srt03046 Password: Secure12 ( NOTE: Case sensitive)
HP-UX Release HP-UX OpenSSL version
B.11.11 (11i v1) A.00.09.08za.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2) A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08za or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant. OpenSSL Security Advisory [05 Jun 2014]
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client and server. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
Only applications using OpenSSL as a DTLS client are affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server.
Only applications using OpenSSL as a DTLS client or server affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
A flaw in the do_ssl3_write function can allow remote attackers to cause a denial of service via a NULL pointer dereference. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
A race condition in the ssl3_read_bytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Storage Server 2.1 - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Package List:
Red Hat Storage Server 2.1:
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0137",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0 (ibm pureapplication system and xen)"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0 (vmware)"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 10.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 10.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "standard/advanced edition 11.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "standard/advanced edition 11.3"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 9.7"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 9.7"
},
{
"model": "sdk,",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "for node.js 1.1.0.3"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3 fp1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.1 for ibm provided software virtual appliance"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3 fp1"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.1.1 (linux-ix86 and linux-s390)"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.4.0 fp07"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.5.0 fp04"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.5.1 fp05"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.6.0 fp03"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 9.1.0 fp01"
},
{
"model": "tivoli workload scheduler",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 9.2.0 ga level"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.2"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.3"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.4"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8 thats all 0.9.8za"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0 thats all 1.0.0m"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1 thats all 1.0.1h"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.7.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9 to 10.9.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.7.5"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.63"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.71"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.0"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.1"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "3.2.24"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.0.26"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.1.34"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.2.26"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.3.14"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "storage",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "l20/300",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "lto6 drive",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "lx/30a",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "integrated system ha database ready",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "analytics server"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "server"
},
{
"model": "openssl",
"scope": null,
"trust": 0.7,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.14"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "virtual connect 8gb 24-port fc module",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2.6"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual connect 8gb 24-port fc module",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortios b0537",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "virtual connect 8gb 24-port fc module",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2.3"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "safe profile",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.1"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.3"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "key",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.1"
},
{
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.13"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "11.00"
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "9.20"
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.4"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "freedome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "fortios b0630",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0m",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1h",
"versionStartIncluding": "1.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.8za",
"versionStartIncluding": "0.9.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "J\u00fcri Aedla",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0195",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-0195",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0195",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0195",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2014-0195",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0195",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DTLS packets. The issue lies in the assumption that all fragments specify the same message size. An attacker could leverage this vulnerability to execute code in the context of the process using OpenSSL. \nThe following are vulnerable:\nOpenSSL 0.9.8 prior to 0.9.8za\nOpenSSL 1.0.0 prior to 1.0.0m\nOpenSSL 1.0.1 prior to 1.0.1h. One of the patch backports for\nUbuntu 10.04 LTS caused a regression for certain applications. \n\nWe apologize for the inconvenience. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and\n Ubuntu 14.04 LTS. (CVE-2014-0195)\n Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. \n (CVE-2014-0224)\n Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled\n anonymous ECDH ciphersuites. This issue only\n affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. \n (CVE-2014-3470)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.21\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The updated packages have been upgraded to the 1.0.0m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://www.openssl.org/news/secadv_20140605.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 857d06ddc6423ad124b23eb760459033 mbs1/x86_64/lib64openssl1.0.0-1.0.0m-1.mbs1.x86_64.rpm\n d7436f2f95df5c1d64d44a745f125bd8 mbs1/x86_64/lib64openssl-devel-1.0.0m-1.mbs1.x86_64.rpm\n 67f6cd6da42f01fb2f6054a2f96872af mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0m-1.mbs1.x86_64.rpm\n 5d7c5712c1ce70a2dd2596e803bc7004 mbs1/x86_64/lib64openssl-static-devel-1.0.0m-1.mbs1.x86_64.rpm\n 9866e03e1c112b0c4cb5587b142cfa63 mbs1/x86_64/openssl-1.0.0m-1.mbs1.x86_64.rpm \n 9ac714afa9a9b30419f2f1f5c9ec4e48 mbs1/SRPMS/openssl-1.0.0m-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFTlcuxmqjQ0CJFipgRAtEQAJsEeYwuETVPTeadp+pdK9wJfQqgOgCfXDif\n30xyBHFmHJa6MS/00iqN2aY=\n=9sdw\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04355095\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04355095\nVersion: 1\n\nHPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows\nrunning OpenSSL, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-08-08\nLast Updated: 2014-08-08\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH), HP Smart Update Manager (SUM), and HP Version\nControl Agent (VCA) running on Linux and Windows. These components of HP\nInsight Control server deployment could be exploited remotely resulting in\ndenial of service (DoS), code execution, unauthorized access, or disclosure\nof information. \n\nHP Insight Control server deployment packages HP System Management Homepage\n(SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM)\nand deploys them through the following components. This bulletin provides the\ninformation needed to update the HP Insight Control server deployment\nsolution. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\nUpgrade Proliant Firmware\n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101628\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.1 of HP Insight Control server\ndeployment to resolve this vulnerability. HP has provided manual update steps\nif a version upgrade is not possible; if users wish to remain at v7.1.2,\nv7.2.0, or v7.2.1. \n\nNote: It is important to check your current running version of HP Insight\nControl server deployment and to follow the correct steps listed below. For\nHP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and\nfollow the steps below to remove the vulnerability. The vulnerability known\nas Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server\ndeployment v7.3.1. That Security Bulletin with instructions on how to upgrade\nto v7.3.1 can be found here:\n\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\na-c04267749\n\nHP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should\ntake the following steps to remove this vulnerability. \n\nDelete the files smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location\nlisted in the following table, rows 1 and 2. \nDelete the files \"vcax86-*.exe/vcaamd64-*.exe from Component Copy Location\nlisted in the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\n smhamd64-ccp023716.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\n smhx86-cp023715.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13\n vcax86-cp023742.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2\n vcaamd64-cp023743.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nDownload and extract the HPSUM 5.3.6 component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793\n\nCopy all content from extracted ZIP folder and paste into\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 on targets running\nWindows. \n\nHP Insight Control server deployment users with v7.2.2:\n\nPlease upgrade to Insight Control server deployment v7.3.1 and follow the\nsteps below for v7.3.1. \n\nHP Insight Control server deployment users with v7.3.1:\n\nPerform steps 1 - 4 as outlined above for users with HP Insight Control\nserver deployment v7.1.2, v7.2.0, and v7.2.1. \nDownload the HP SUM ZIP file from\nhttp://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f\n\nExtract the contents from the HP SUM ZIP file to\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components location on the Insight Control\nserver deployment server\n\nRelated security bulletins:\n\nFor System Management Homepage please see Security bulletin HPSBMU03051 https\n://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04\n345210\n\nFor HP Version Control Agent please see Security bulletin HPSBMU03057 https:/\n/h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434\n9897\n\nHISTORY\nVersion:1 (rev.1) - 8 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlPk9ewACgkQ4B86/C0qfVn1/gCfR2U/mZZXYwPms9ptZcBTua/5\nMoQAn1qlQ3kmLRs7YFN5GzwBTRfSK5Go\n=r0qe\n-----END PGP SIGNATURE-----\n. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1h-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-5298\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298\n[ 2 ] CVE-2014-0195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195\n[ 3 ] CVE-2014-0198\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198\n[ 4 ] CVE-2014-0221\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221\n[ 5 ] CVE-2014-0224\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224\n[ 6 ] CVE-2014-3470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470\n[ 7 ] OpenSSL Security Advisory [05 Jun 2014]\n http://www.openssl.org/news/secadv_20140605.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201407-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Summary\n\n VMware product updates address OpenSSL security vulnerabilities. \n\n2. Problem Description\n\n a. \n\n OpenSSL libraries have been updated in multiple products to\n versions 0.9.8za and 1.0.1h in order to resolve multiple security\n issues. \n \n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n\n has assigned the names CVE-2014-0224, CVE-2014-0198, \n CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to\n these issues. The most important of these issues is \n CVE-2014-0224. \n\n CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to\n be of moderate severity. Exploitation is highly unlikely or is\n mitigated due to the application configuration. \n\n CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL \n Security Advisory (see Reference section below), do not affect\n any VMware products. For readability\n the affected products have been split into 3 tables below, \n based on the different client-server configurations and\n deployment scenarios. Applying these patches to \n affected servers will mitigate the affected clients (See Table 1\n below). \n\n Clients that communicate over untrusted networks such as public\n Wi-Fi and communicate to a server running a vulnerable version of \n OpenSSL 1.0.1. can be mitigated by using a secure network such as \n VPN (see Table 2 below). \n \n Clients and servers that are deployed on an isolated network are\n less exposed to CVE-2014-0224 (see Table 3 below). The affected\n products are typically deployed to communicate over the\n management network. \n\n RECOMMENDATIONS\n\n VMware recommends customers evaluate and deploy patches for\n affected Servers in Table 1 below as these patches become\n available. Patching these servers will remove the ability to\n exploit the vulnerability described in CVE-2014-0224 on both\n clients and servers. VMware recommends customers consider \n applying patches to products listed in Table 2 \u0026 3 as required. \n\n Column 4 of the following tables lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n ESXi 5.5 ESXi ESXi550-\n 201406401-SG \n\n Big Data Extensions 1.1 patch pending \n Charge Back Manager 2.6 patch pending \n\n Horizon Workspace Server \n GATEWAY 1.8.1 patch pending \n Horizon Workspace Server \n GATEWAY 1.5 patch pending \n\n Horizon Workspace Server \n DATA 1.8.1 patch pending \n\n Horizon Mirage Edge Gateway 4.4.2 patch pending \n Horizon View 5.3.1 patch pending \n\n Horizon View Feature Pack 5.3 SP2 patch pending \n\n NSX for Multi-Hypervisor 4.1.2 patch pending \n NSX for Multi-Hypervisor 4.0.3 patch pending \n NSX for vSphere 6.0.4 patch pending \n NVP 3.2.2 patch pending \n vCAC 6.0.1 patch pending \n\n vCloud Networking and Security 5.5.2 \t\t patch pending \n vCloud Networking and Security 5.1.2 \t\t patch pending \n\n vFabric Web Server 5.3.4 patch pending \n\n vCHS - DPS-Data Protection 2.0 patch pending \n Service\n\n Table 2\n ========\n Affected clients running a vulnerable version of OpenSSL 0.9.8 \n or 1.0.1 and communicating over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCSA 5.5 patch pending \n vCSA 5.1 patch pending \n vCSA 5.0 patch pending \n\n\n ESXi 5.1 ESXi patch pending \n ESXi 5.0 ESXi patch pending \n\n Workstation 10.0.2 any patch pending \n Workstation 9.0.3 any patch pending \n Fusion 6.x OSX patch pending \n Fusion 5.x OSX patch pending \n Player 10.0.2 any patch pending \n Player 9.0.3 any patch pending \n\n Chargeback Manager 2.5.x patch pending \n\n Horizon Workspace Client for 1.8.1 OSX patch pending \n Mac\n Horizon Workspace Client for 1.5 OSX patch pending \n Mac\n Horizon Workspace Client for 1.8.1 Windows patch pending \n Windows \n Horizon Workspace Client for 1.5 Windows patch pending \n\n OVF Tool 3.5.1 patch pending \n OVF Tool 3.0.1 patch pending \n\n vCenter Operations Manager 5.8.1 patch pending \n\n vCenter Support Assistant 5.5.0 patch pending \n vCenter Support Assistant 5.5.1 patch pending \n \n vCD 5.1.2 patch pending \n vCD 5.1.3 patch pending \n vCD 5.5.1.1 patch pending \n vCenter Site Recovery Manager 5.0.3.1 patch pending \n\n Table 3\n =======\n The following table lists all affected clients running a\n vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating\n over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCenter Server 5.5 any patch pending\n vCenter Server 5.1 any patch pending\n vCenter Server 5.0 any patch pending\n\n Update Manager 5.5 Windows patch pending\n Update Manager 5.1 Windows patch pending\n Update Manager 5.0 Windows patch pending \n\n Config Manager (VCM) 5.6 patch pending \n\n Horizon View Client 5.3.1 patch pending \n Horizon View Client 4.x patch pending\n Horizon Workspace 1.8.1 patch pending \n Horizon Workspace 1.5 patch pending \n \n \n ITBM Standard 1.0.1 patch pending \n ITBM Standard 1.0 patch pending \n \n Studio 2.6.0.0 patch pending \n \n Usage Meter 3.3 patch pending \n vCenter Chargeback Manager 2.6 patch pending \n vCenter Converter Standalone 5.5 patch pending \n vCenter Converter Standalone 5.1 patch pending \n vCD (VCHS) 5.6.2 patch pending \n \n vCenter Site Recovery Manager 5.5.1 patch pending \n vCenter Site Recovery Manager 5.1.1 patch pending\n\n vFabric Application Director 5.2.0 patch pending \n vFabric Application Director 5.0.0 patch pending \n View Client 5.3.1 patch pending \n View Client 4.x patch pending\n VIX API 5.5 patch pending \n VIX API 1.12 patch pending \n \n vMA (Management Assistant) 5.1.0.1 patch pending \n \n\n VMware Data Recovery 2.0.3 patch pending \n \n VMware vSphere CLI 5.5 patch pending \n \n vSphere Replication 5.5.1 patch pending \n vSphere Replication 5.6 patch pending \n vSphere SDK for Perl 5.5 patch pending \n vSphere Storage Appliance 5.5.1 patch pending \n vSphere Storage Appliance 5.1.3 patch pending \n vSphere Support Assistant 5.5.1 patch pending \n vSphere Support Assistant 5.5.0 patch pending\n vSphere Virtual Disk 5.5 patch pending \n Development Kit \n vSphere Virtual Disk 5.1 patch pending \n Development Kit\n vSphere Virtual Disk 5.0 patch pending \n Development Kit\n \n 4. Solution\n\n ESXi 5.5\n ----------------------------\n\n Download:\n https://www.vmware.com/patchmgr/download.portal\n\n Release Notes and Remediation Instructions:\n http://kb.vmware.com/kb/2077359\n\n 5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n \n https://www.openssl.org/news/secadv_20140605.txt\n\n- -----------------------------------------------------------------------\n\n6. Change Log\n\n 2014-06-10 VMSA-2014-0006\n Initial security advisory in conjunction with the release of\n ESXi 5.5 updates on 2014-06-10\n\n- -----------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. The\nupdates are available from the following location using ftp:\n\nftp://srt03046:Secure12@ftp.usa.hp.com\n\nUser name: srt03046\nPassword: Secure12 ( NOTE: Case sensitive)\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08za.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08za or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. OpenSSL Security Advisory [05 Jun 2014]\n========================================\n\nSSL/TLS MITM vulnerability (CVE-2014-0224)\n===========================================\n\nAn attacker using a carefully crafted handshake can force the use of weak\nkeying material in OpenSSL SSL/TLS clients and servers. This can be exploited\nby a Man-in-the-middle (MITM) attack where the attacker can decrypt and \nmodify traffic from the attacked client and server. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. Users\nof OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. \n\nOpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. \nOpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. \nOpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOnly applications using OpenSSL as a DTLS client are affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nDTLS invalid fragment vulnerability (CVE-2014-0195)\n====================================================\n\nA buffer overrun attack can be triggered by sending invalid DTLS fragments\nto an OpenSSL DTLS client or server. \n\nOnly applications using OpenSSL as a DTLS client or server affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nSSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)\n=================================================================\n\nA flaw in the do_ssl3_write function can allow remote attackers to\ncause a denial of service via a NULL pointer dereference. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \n\nSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n===============================================================================\n \nA race condition in the ssl3_read_bytes function can allow remote\nattackers to inject data across sessions or cause a denial of service. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nAnonymous ECDH denial of service (CVE-2014-3470)\n================================================\n\nOpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a\ndenial of service attack. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Storage Server 2.1 - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Package List:\n\nRed Hat Storage Server 2.1:\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126930"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0195",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-14-173",
"trust": 2.1
},
{
"db": "BID",
"id": "67900",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59305",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59587",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58743",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59429",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58660",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59530",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59188",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58883",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59223",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59895",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59528",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030337",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU93868849",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2304",
"trust": 0.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127917",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127018",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126930",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"id": "VAR-201406-0137",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.40652013894736844
},
"last_update_date": "2024-07-23T21:11:52.075000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DTLS invalid fragment vulnerability (CVE-2014-0195)",
"trust": 1.5,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"title": "HT6443",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht6443"
},
{
"title": "HT6443",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht6443?viewlocale=ja_jp"
},
{
"title": "KB36051",
"trust": 0.8,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"title": "cisco-sa-20140605-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://fedoraproject.org/ja/"
},
{
"title": "Multiple Vulnerabilities in OpenSSL",
"trust": 0.8,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"title": "HIRT-PUB14010",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/hirt/publications/hirt-pub14010/index.html"
},
{
"title": "HPSBHF03293 SSRT101846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c04595951"
},
{
"title": "Once Bled, Twice Shy (OpenSSL: CVE-2014-0195)",
"trust": 0.8,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/once-bled-twice-shy-openssl-cve-2014-0195/ba-p/6501048#.u5ulr1scgdu"
},
{
"title": "ZDI-14-173/CVE-2014-0195 - OpenSSL DTLS Fragment Out-of-Bounds Write: Breaking up is hard to do",
"trust": 0.8,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/zdi-14-173-cve-2014-0195-openssl-dtls-fragment-out-of-bounds/ba-p/6501002#.u5ulsvscgdu"
},
{
"title": "1673137",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"title": "1676035",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"title": "1676062",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"title": "1676419",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"title": "1677695",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"title": "1677828",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"title": "1676128",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"title": "1678167",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"title": "00001841",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"title": "1678289",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"title": "00001843",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"title": "2079783",
"trust": 0.8,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_us\u0026cmd=displaykc\u0026externalid=2079783"
},
{
"title": "SB10075",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"title": "Fix for CVE-2014-0195",
"trust": 0.8,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1632ef744872edc2aa2a53d487d3e79c965a4ad3"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2014",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2014 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014verbose-1972958.html"
},
{
"title": "Bug 1103598",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103598"
},
{
"title": "SA80",
"trust": 0.8,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"title": "Huawei-SA-20140613-OpenSSL",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"title": "SOL15356: OpenSSL vulnerability CVE-2014-0195",
"trust": 0.8,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html"
},
{
"title": "January 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2015_critical_patch_update"
},
{
"title": "CVE-2014-0195 Buffer Errors vulnerability in OpenSSL",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0195_buffer_errors"
},
{
"title": "VMSA-2014-0012",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"title": "OpenSSL\u306e\u8106\u5f31\u6027(CVE-2014-0224\u4ed6)\u306b\u3088\u308b\u30c6\u30fc\u30d7\u30e9\u30a4\u30d6\u30e9\u30ea\u88c5\u7f6e\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/products/it/server/security/info/vulnerable/openssl_cve20140224_tape_library.html"
},
{
"title": "cisco-sa-20140605-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/112/1122/1122700_cisco-sa-20140605-openssl-j.html"
},
{
"title": "Symfoware Server: OpenSSL\u306e\u8106\u5f31\u6027(CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-3470)(2014\u5e747\u670815\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201404.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/25/how_long_is_too_long_to_wait_for_a_security_update/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/06/06/thanks_for_nothing_openssl_cries_stonewalled_de_raadt/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/06/05/openssl_bug_batch/"
},
{
"title": "Red Hat: CVE-2014-0195",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0195"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-3"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "CVE-2014-0195",
"trust": 0.1,
"url": "https://github.com/ricedu/cve-2014-0195 "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/securityrouter/changelog "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/halon/changelog "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/potterxma/linux-deployment-standard "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/sf4bin/seeker_dataset "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 1.4,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.4,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.4,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 1.4,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
},
{
"trust": 1.4,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 1.4,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.1,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/once-bled-twice-shy-openssl-cve-2014-0195/ba-p/6501048"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103598"
},
{
"trust": 1.1,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/zdi-14-173-cve-2014-0195-openssl-dtls-fragment-out-of-bounds/ba-p/6501002"
},
{
"trust": 1.1,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59528"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59587"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58883"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59895"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59530"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58743"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140499827729550\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.1,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030337"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/67900"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59429"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59305"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59223"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59188"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58660"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=1632ef744872edc2aa2a53d487d3e79c965a4ad3"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93868849/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0195"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://www.cerberusftp.com/products/releasenotes.html"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0195_buffer_errors"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/84"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368523"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-14-173/"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://github.com/ricedu/cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34546"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2232-3/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1356843"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.21"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-4"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-f6c141a7feeb4a358bbb28300f"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2077359"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/patchmgr/download.portal"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906703"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0628.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67900"
},
{
"date": "2014-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"date": "2014-08-18T23:09:13",
"db": "PACKETSTORM",
"id": "127917"
},
{
"date": "2014-06-10T17:34:04",
"db": "PACKETSTORM",
"id": "127018"
},
{
"date": "2014-08-08T21:53:16",
"db": "PACKETSTORM",
"id": "127807"
},
{
"date": "2014-07-28T20:36:25",
"db": "PACKETSTORM",
"id": "127630"
},
{
"date": "2014-06-11T23:18:46",
"db": "PACKETSTORM",
"id": "127045"
},
{
"date": "2014-06-13T13:31:32",
"db": "PACKETSTORM",
"id": "127086"
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961"
},
{
"date": "2014-06-05T15:19:35",
"db": "PACKETSTORM",
"id": "126930"
},
{
"date": "2014-06-05T21:55:06.147000",
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"date": "2017-05-23T16:25:00",
"db": "BID",
"id": "67900"
},
{
"date": "2015-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"date": "2023-11-07T02:18:11.613000",
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "67900"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of d1_both.c of dtls1_reassemble_fragment Vulnerability in arbitrary code execution in function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "67900"
}
],
"trust": 0.3
}
}
VAR-201602-0272
Vulnerability from variot - Updated: 2024-07-23 21:05ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. OpenSSL may generate unsafe primes for use in the Diffie-Hellman protocol, which may lead to disclosure of enough information for an attacker to recover the private encryption key. OpenSSL is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. Cisco Unified Computing System Central Software is prone to an arbitrary command-execution vulnerability. An attacker can exploit this issue to execute system commands on the underlying operating system. This issue being tracked by Cisco Bug ID CSCut46961. Description:
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05390893
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05390893 Version: 1
HPESBHF03703 rev.1 - HPE Network Products including Comware v7 and VCX using OpenSSL, Remote Unauthorized Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-02-14 Last Updated: 2017-02-14
Potential Security Impact: Remote: Unauthorized Disclosure of Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed in HPE Network Products including Comware v7 and VCX. The vulnerabilities could be remotely exploited resulting in disclosure of information.
References:
- CVE-2015-3197 - OpenSSL, Remote unauthorized disclosure of information
- CVE-2016-0701 - OpenSSL, Remote unauthorized disclosure of information
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- VCX Products all prior versions - impacted by CVE-2015-3197 only. Please refer to the RESOLUTION below for a list of updated products.
- Comware 7 (CW7) Products all prior versions - impacted by CVE-2015-3197 and CVE-2016-0701. Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2015-3197
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0701
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates to resolve the vulnerability in the Comware v7 and VCX products.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P01
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 10500 (Comware 7) - Version: R7183
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 12900 (Comware 7) - Version: R1150
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5900 (Comware 7) - Version: R2432P01
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR1000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR2000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR3000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG409A HP MSR3012 AC Router
- JG409B HPE MSR3012 AC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR4000 (Comware 7) - Version: R0306P30
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- MSR95X - Version: R0306P30
- HP Network Products
- JH296A HPE MSR954 1GbE SFP 2GbE-WAN 4GbE-LAN CWv7 Router
- JH297A HPE MSR954-W 1GbE SFP (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- JH298A HPE MSR954-W 1GbE SFP LTE (AM) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- JH299A HPE MSR954-W 1GbE SFP LTE (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n CWv7 Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- VSR (Comware 7) - Version: E0322P01
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 7900 (Comware 7) - Version: R2150
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5130EI (Comware 7) - Version: R3113P02
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 6125XLG - Version: R2432P01
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 6127XLG - Version: R2432P01
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- Moonshot - Version: R2432P01
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5700 (Comware 7) - Version: R2432P01
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5930 (Comware 7) - Version: R2432P01
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 1950 (Comware 7) - Version: R3113P02
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 7500 (Comware 7) - Version: R7183
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5130HI - Version: R1120P07
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- 5510HI - Version: R1120P07
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2015-3197
- CVE-2016-0701
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2015-3197
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 14 February 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1r-i486-1_slack14.1.txz: Upgraded. This update fixes the following security issue: SSLv2 doesn't block disabled ciphers (CVE-2015-3197). +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1r-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1r-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1r-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1r-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1r-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1r-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1r-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1r-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2f-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2f-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2f-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2f-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 packages: 0d6e8d3b27326c84b9996ed189868eba openssl-1.0.1r-i486-1_slack14.0.txz e3cb0b75e9df4be9d8fd1cfcd2fbd306 openssl-solibs-1.0.1r-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 7b52f4a43b42703a6840945d55f503ee openssl-1.0.1r-x86_64-1_slack14.0.txz eee92cb549bacae21e63bee22b9bb8d4 openssl-solibs-1.0.1r-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 5be72ab551b2064aa34c83b42a07ff85 openssl-1.0.1r-i486-1_slack14.1.txz b28e00a7124822258cfd137ab5ce0572 openssl-solibs-1.0.1r-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: 8e0273b1e99e8caa48fcab2547f051e9 openssl-1.0.1r-x86_64-1_slack14.1.txz 60f3994c35679455cab7a984493d1fdb openssl-solibs-1.0.1r-x86_64-1_slack14.1.txz
Slackware -current packages: 509771b1f7d58a682feb2099fdf3eb5d a/openssl-solibs-1.0.2f-i586-1.txz d72c0188f4223d1dc2d6080f8d99d92e n/openssl-1.0.2f-i586-1.txz
Slackware x86_64 -current packages: 0c6653d3c37271f9f1a58a8c0e1f7b40 a/openssl-solibs-1.0.2f-x86_64-1.txz e4ebd1204644ea58e1779187fe071428 n/openssl-1.0.2f-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1r-i486-1_slack14.1.txz openssl-solibs-1.0.1r-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. 5.9 server) - i386, ia64, x86_64
-
Gentoo Linux Security Advisory GLSA 201601-05
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: January 29, 2016 Bugs: #572854 ID: 201601-05
Synopsis
Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2f >= 1.0.2f
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the upstream advisory and CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2f"
References
[ 1 ] CVE-2015-3197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3197 [ 2 ] CVE-2016-0701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0701 [ 3 ] OpenSSL Security Advisory [28th Jan 2016] http://openssl.org/news/secadv/20160128.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201601-05
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl098e security update Advisory ID: RHSA-2016:0372-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0372.html Issue date: 2016-03-09 CVE Names: CVE-2015-0293 CVE-2015-3197 CVE-2016-0703 CVE-2016-0704 CVE-2016-0800 =====================================================================
- Summary:
Updated openssl098e packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN. (CVE-2016-0800)
Note: This issue was addressed by disabling the SSLv2 protocol by default when using the 'SSLv23' connection methods, and removing support for weak SSLv2 cipher suites. For more information, refer to the knowledge base article linked to in the References section.
It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle.(CVE-2016-0703)
It was discovered that the SSLv2 protocol implementation in OpenSSL did not properly implement the Bleichenbacher protection for export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle.
A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original reporters of CVE-2016-0800 and CVE-2015-3197; David Adrian (University of Michigan) and J. Alex Halderman (University of Michigan) as the original reporters of CVE-2016-0703 and CVE-2016-0704; and Sean Burford (Google) and Emilia Käsper (OpenSSL development team) as the original reporters of CVE-2015-0293. For the update to take effect, all services linked to the openssl098e library must be restarted, or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers 1301846 - CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers 1310593 - CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN) 1310811 - CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2 1310814 - CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl098e-0.9.8e-20.el6_7.1.src.rpm
i386: openssl098e-0.9.8e-20.el6_7.1.i686.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm
x86_64: openssl098e-0.9.8e-20.el6_7.1.i686.rpm openssl098e-0.9.8e-20.el6_7.1.x86_64.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl098e-0.9.8e-20.el6_7.1.src.rpm
x86_64: openssl098e-0.9.8e-20.el6_7.1.i686.rpm openssl098e-0.9.8e-20.el6_7.1.x86_64.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl098e-0.9.8e-20.el6_7.1.src.rpm
i386: openssl098e-0.9.8e-20.el6_7.1.i686.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm
ppc64: openssl098e-0.9.8e-20.el6_7.1.ppc.rpm openssl098e-0.9.8e-20.el6_7.1.ppc64.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.ppc.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.ppc64.rpm
s390x: openssl098e-0.9.8e-20.el6_7.1.s390.rpm openssl098e-0.9.8e-20.el6_7.1.s390x.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.s390.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.s390x.rpm
x86_64: openssl098e-0.9.8e-20.el6_7.1.i686.rpm openssl098e-0.9.8e-20.el6_7.1.x86_64.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl098e-0.9.8e-20.el6_7.1.src.rpm
i386: openssl098e-0.9.8e-20.el6_7.1.i686.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm
x86_64: openssl098e-0.9.8e-20.el6_7.1.i686.rpm openssl098e-0.9.8e-20.el6_7.1.x86_64.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm openssl098e-debuginfo-0.9.8e-20.el6_7.1.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl098e-0.9.8e-29.el7_2.3.src.rpm
x86_64: openssl098e-0.9.8e-29.el7_2.3.i686.rpm openssl098e-0.9.8e-29.el7_2.3.x86_64.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.i686.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl098e-0.9.8e-29.el7_2.3.src.rpm
x86_64: openssl098e-0.9.8e-29.el7_2.3.i686.rpm openssl098e-0.9.8e-29.el7_2.3.x86_64.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.i686.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl098e-0.9.8e-29.el7_2.3.src.rpm
ppc64: openssl098e-0.9.8e-29.el7_2.3.ppc.rpm openssl098e-0.9.8e-29.el7_2.3.ppc64.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.ppc.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.ppc64.rpm
s390x: openssl098e-0.9.8e-29.el7_2.3.s390.rpm openssl098e-0.9.8e-29.el7_2.3.s390x.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.s390.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.s390x.rpm
x86_64: openssl098e-0.9.8e-29.el7_2.3.i686.rpm openssl098e-0.9.8e-29.el7_2.3.x86_64.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.i686.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl098e-0.9.8e-29.el7_2.3.src.rpm
x86_64: openssl098e-0.9.8e-29.el7_2.3.i686.rpm openssl098e-0.9.8e-29.el7_2.3.x86_64.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.i686.rpm openssl098e-debuginfo-0.9.8e-29.el7_2.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-0293 https://access.redhat.com/security/cve/CVE-2015-3197 https://access.redhat.com/security/cve/CVE-2016-0703 https://access.redhat.com/security/cve/CVE-2016-0704 https://access.redhat.com/security/cve/CVE-2016-0800 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/2176731 https://drownattack.com/ https://openssl.org/news/secadv/20160128.txt https://openssl.org/news/secadv/20160301.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW36N0XlSAg2UNWIIRAqYBAJ98/98OOTx9c6LlkPHMl7SfneXccQCfX2LY BQ+47lH1uQT1a3RxlYkETOk= =TqD1 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. OpenSSL Security Advisory [28th Jan 2016] =========================================
NOTE: SUPPORT FOR VERSION 1.0.1 WILL BE ENDING ON 31ST DECEMBER 2016. NO SECURITY FIXES WILL BE PROVIDED AFTER THAT DATE. UNTIL THAT TIME SECURITY FIXES ONLY ARE BEING APPLIED.
DH small subgroups (CVE-2016-0701)
Severity: High
Historically OpenSSL usually only ever generated DH parameters based on "safe" primes. More recently (in version 1.0.2) support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be "safe". Where an application is using DH configured with parameters based on primes that are not "safe" then an attacker could use this fact to find a peer's private DH exponent. This attack requires that the attacker complete multiple handshakes in which the peer uses the same private DH exponent. For example this could be used to discover a TLS server's private DH exponent if it's reusing the private DH exponent or it's using a static DH ciphersuite.
OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in TLS. It is not on by default. If the option is not set then the server reuses the same private DH exponent for the life of the server process and would be vulnerable to this attack. It is believed that many popular applications do set this option and would therefore not be at risk.
OpenSSL before 1.0.2f will reuse the key if: - SSL_CTX_set_tmp_dh()/SSL_set_tmp_dh() is used and SSL_OP_SINGLE_DH_USE is not set. - SSL_CTX_set_tmp_dh_callback()/SSL_set_tmp_dh_callback() is used, and both the parameters and the key are set and SSL_OP_SINGLE_DH_USE is not used. This is an undocumted feature and parameter files don't contain the key. - Static DH ciphersuites are used. The key is part of the certificate and so it will always reuse it. This is only supported in 1.0.2.
It will not reuse the key for DHE ciphers suites if: - SSL_OP_SINGLE_DH_USE is set - SSL_CTX_set_tmp_dh_callback()/SSL_set_tmp_dh_callback() is used and the callback does not provide the key, only the parameters. The callback is almost always used like this.
Non-safe primes are generated by OpenSSL when using: - genpkey with the dh_rfc5114 option. This will write an X9.42 style file including the prime-order subgroup size "q". This is supported since the 1.0.2 version. Older versions can't read files generated in this way. - dhparam with the -dsaparam option. This has always been documented as requiring the single use.
The fix for this issue adds an additional check where a "q" parameter is available (as is the case in X9.42 based parameters). This detects the only known attack, and is the only possible defense for static DH ciphersuites. This could have some performance impact.
Additionally the SSL_OP_SINGLE_DH_USE option has been switched on by default and cannot be disabled. This could have some performance impact.
This issue affects OpenSSL version 1.0.2.
OpenSSL 1.0.2 users should upgrade to 1.0.2f
OpenSSL 1.0.1 is not affected by this CVE because it does not support X9.42 based parameters. It is possible to generate parameters using non "safe" primes, but this option has always been documented as requiring single use and is not the default or believed to be common. However, as a precaution, the SSL_OP_SINGLE_DH_USE change has also been backported to 1.0.1r.
This issue was reported to OpenSSL on 12 January 2016 by Antonio Sanso (Adobe). The fix was developed by Matt Caswell of the OpenSSL development team (incorporating some work originally written by Stephen Henson of the OpenSSL core team).
SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
Severity: Low
A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2.
This issue affects OpenSSL versions 1.0.2 and 1.0.1.
OpenSSL 1.0.2 users should upgrade to 1.0.2f OpenSSL 1.0.1 users should upgrade to 1.0.1r
This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram and Sebastian Schinzel. The fix was developed by Nimrod Aviram with further development by Viktor Dukhovni of the OpenSSL development team.
An update on DHE man-in-the-middle protection (Logjam)
A previously published vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000). OpenSSL added Logjam mitigation for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits in releases 1.0.2b and 1.0.1n.
This limit has been increased to 1024 bits in this release, to offer stronger cryptographic assurance for all TLS connections using ephemeral Diffie-Hellman key exchange.
OpenSSL 1.0.2 users should upgrade to 1.0.2f OpenSSL 1.0.1 users should upgrade to 1.0.1r
The fix was developed by Kurt Roeckx of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160128.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0272",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "tuxedo",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "12.1.1.0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "8.11.16.3.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 1.6,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "unified computing system central software 1.2",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "5.0.0.2.0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.1"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.3"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.4"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "15.2"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "5.0.2.0.0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "sun network 10ge switch 72p",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "1.2"
},
{
"model": "switch es1-24",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "1.3"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "5.0.1.0.0"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "5.0.0.1.0"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "4.4.1.5.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux)"
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "business intelligence",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise edition 11.1.1.9.0"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base version 6"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0 manager component"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.01"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard-r"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "business intelligence",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise edition 12.1.1.0.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.02"
},
{
"model": "communications applications",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle enterprise session border controller ecz7.3m1p4 and earlier"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "40g 10g 72/64 ethernet switch",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "2.0.0"
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.6.29 and earlier"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "business intelligence",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise edition 11.1.1.7.0"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.7.11 and earlier"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "sun blade 6000 ethernet switched nem 24p 10ge",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.2"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "oracle explorer 8.11.16.3.8"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- security enhancement"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator agent ver3.3 to ver4.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.0"
},
{
"model": "websam mcoperations",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.6.2 to ver4.2"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "application navigator manager ver3.2.2 to ver4.1"
},
{
"model": "websam systemmanager",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver5.5.2 to ver6.2.1"
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "business intelligence",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "enterprise edition 12.2.1.1.0"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2"
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "396510.11.1"
},
{
"model": "wireless ap",
"scope": "eq",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "382510.1.1"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "386510.1.4"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "380110.1.4"
},
{
"model": "wireless ap",
"scope": "eq",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "396510.1.1"
},
{
"model": "wireless ap",
"scope": "eq",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "380510.1.1"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "382510.11.1"
},
{
"model": "wireless ap",
"scope": "eq",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "386510.1.1"
},
{
"model": "wireless ap",
"scope": "eq",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "371510.1.1"
},
{
"model": "wireless ap",
"scope": "eq",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "380110.1.1"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "371510.1.4"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "380110.11.1"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "393510.11.1"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "382510.1.4"
},
{
"model": "wireless ap",
"scope": "eq",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "393510.1.1"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "380510.1.4"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "396510.1.4"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "380510.11.1"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "371510.11.1"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "0"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "386510.11.1"
},
{
"model": "wireless ap",
"scope": "ne",
"trust": 0.6,
"vendor": "extremenetworks",
"version": "393510.1.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "enterprise virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.216"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "cognos insight fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.6"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "9.3-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.5"
},
{
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014091001"
},
{
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.157"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090800"
},
{
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2.17"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.1"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p36",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "powerkvm sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "videoscape control suite foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.19"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "unified computing system b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.20"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "netezza diagnostics tools",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.2"
},
{
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.7"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"model": "cognos tm1 fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "infosphere data explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "agent desktop",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "9.3-release-p21",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"model": "10.1-release-p29",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "nx-os nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.6"
},
{
"model": "mobility services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "netezza diagnostics tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.1"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "primavera p6 enterprise project portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "16.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"model": "business process manager express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "mq light client module for node.js 1.0.2014091000-red",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.18"
},
{
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.2"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.21"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "ethernet switch 40g 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "642.0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "ethernet switch 40g 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "722.0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.2g",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "project openssl 1.0.2f",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "linux enterprise server sp4 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "nx-os nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "solaris sru",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.36.5"
},
{
"model": "oss support tools oracle explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.0.2"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"model": "project openssl 1.0.1r",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cisco directors and switches with nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87107010"
},
{
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13"
},
{
"model": "tivoli netcool reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "rational developer for i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "10.2-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "infosphere data explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2-4"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.4"
},
{
"model": "10.2-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.2"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.1"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"model": "series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88000"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "project openssl 1.0.1s",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "pureapplication system if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.18"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "sun blade ethernet switched nem 24p 10ge",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "60001.2"
},
{
"model": "infosphere master data management standard/advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.4"
},
{
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "business process manager standard",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.6"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.5"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mq light client module for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2014090801"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"model": "rational developer for aix and linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "powerkvm sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "powerkvm build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.165.7"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "flex system chassis management module 2pet",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.126"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "powerkvm build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.158"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified computing system central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "unified computing system central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "unified computing system central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "BID",
"id": "74491"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:tuxedo:12.1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:oss_support_tools:8.11.16.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:vm_virtualbox:5.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nimrod Aviram and Sebastian Schinzel",
"sources": [
{
"db": "BID",
"id": "82237"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.9
},
"cve": "CVE-2015-3197",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-3197",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-3197",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-3197",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-026",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-3197",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. OpenSSL may generate unsafe primes for use in the Diffie-Hellman protocol, which may lead to disclosure of enough information for an attacker to recover the private encryption key. OpenSSL is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue may allow attackers to perform unauthorized actions. This may lead to other attacks. Cisco Unified Computing System Central Software is prone to an arbitrary command-execution vulnerability. \nAn attacker can exploit this issue to execute system commands on the underlying operating system. \nThis issue being tracked by Cisco Bug ID CSCut46961. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat\nConnector(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and\nthe Tomcat Native library. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05390893\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05390893\nVersion: 1\n\nHPESBHF03703 rev.1 - HPE Network Products including Comware v7 and VCX using\nOpenSSL, Remote Unauthorized Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-02-14\nLast Updated: 2017-02-14\n\nPotential Security Impact: Remote: Unauthorized Disclosure of Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities with OpenSSL have been addressed in HPE\nNetwork Products including Comware v7 and VCX. The vulnerabilities could be\nremotely exploited resulting in disclosure of information. \n\nReferences:\n\n - CVE-2015-3197 - OpenSSL, Remote unauthorized disclosure of information\n - CVE-2016-0701 - OpenSSL, Remote unauthorized disclosure of information\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - VCX Products all prior versions - impacted by CVE-2015-3197 only. Please\nrefer to the RESOLUTION below for a list of updated products. \n - Comware 7 (CW7) Products all prior versions - impacted by CVE-2015-3197\nand CVE-2016-0701. Please refer to the RESOLUTION below for a list of updated\nproducts. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2015-3197\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0701\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates to resolve the vulnerability in\nthe Comware v7 and VCX products. \n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7377P01**\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **10500 (Comware 7) - Version: R7183**\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **12900 (Comware 7) - Version: R1150**\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5900 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR1000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR2000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR3000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG409A HP MSR3012 AC Router\n - JG409B HPE MSR3012 AC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR4000 (Comware 7) - Version: R0306P30**\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **MSR95X - Version: R0306P30**\n * HP Network Products\n - JH296A HPE MSR954 1GbE SFP 2GbE-WAN 4GbE-LAN CWv7 Router\n - JH297A HPE MSR954-W 1GbE SFP (WW) 2GbE-WAN 4GbE-LAN Wireless 802.11n\nCWv7 Router\n - JH298A HPE MSR954-W 1GbE SFP LTE (AM) 2GbE-WAN 4GbE-LAN Wireless\n802.11n CWv7 Router\n - JH299A HPE MSR954-W 1GbE SFP LTE (WW) 2GbE-WAN 4GbE-LAN Wireless\n802.11n CWv7 Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **VSR (Comware 7) - Version: E0322P01**\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **7900 (Comware 7) - Version: R2150**\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5130EI (Comware 7) - Version: R3113P02**\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **6125XLG - Version: R2432P01**\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **6127XLG - Version: R2432P01**\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **Moonshot - Version: R2432P01**\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5700 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5930 (Comware 7) - Version: R2432P01**\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **1950 (Comware 7) - Version: R3113P02**\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **7500 (Comware 7) - Version: R7183**\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5130HI - Version: R1120P07**\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **5510HI - Version: R1120P07**\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2015-3197\n - CVE-2016-0701\n + **VCX - Version: 9.8.19**\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2015-3197\n \n **Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 14 February 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1r-i486-1_slack14.1.txz: Upgraded. \n This update fixes the following security issue:\n SSLv2 doesn\u0027t block disabled ciphers (CVE-2015-3197). \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1r-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1r-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1r-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1r-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1r-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1r-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1r-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1r-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2f-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2f-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2f-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2f-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 packages:\n0d6e8d3b27326c84b9996ed189868eba openssl-1.0.1r-i486-1_slack14.0.txz\ne3cb0b75e9df4be9d8fd1cfcd2fbd306 openssl-solibs-1.0.1r-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n7b52f4a43b42703a6840945d55f503ee openssl-1.0.1r-x86_64-1_slack14.0.txz\neee92cb549bacae21e63bee22b9bb8d4 openssl-solibs-1.0.1r-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n5be72ab551b2064aa34c83b42a07ff85 openssl-1.0.1r-i486-1_slack14.1.txz\nb28e00a7124822258cfd137ab5ce0572 openssl-solibs-1.0.1r-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n8e0273b1e99e8caa48fcab2547f051e9 openssl-1.0.1r-x86_64-1_slack14.1.txz\n60f3994c35679455cab7a984493d1fdb openssl-solibs-1.0.1r-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n509771b1f7d58a682feb2099fdf3eb5d a/openssl-solibs-1.0.2f-i586-1.txz\nd72c0188f4223d1dc2d6080f8d99d92e n/openssl-1.0.2f-i586-1.txz\n\nSlackware x86_64 -current packages:\n0c6653d3c37271f9f1a58a8c0e1f7b40 a/openssl-solibs-1.0.2f-x86_64-1.txz\ne4ebd1204644ea58e1779187fe071428 n/openssl-1.0.2f-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1r-i486-1_slack14.1.txz openssl-solibs-1.0.1r-i486-1_slack14.1.txz \n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. 5.9 server) - i386, ia64, x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201601-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: January 29, 2016\n Bugs: #572854\n ID: 201601-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, allowing remote\nattackers to disclose sensitive information and complete weak\nhandshakes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2f \u003e= 1.0.2f\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe upstream advisory and CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2f\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-3197\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3197\n[ 2 ] CVE-2016-0701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0701\n[ 3 ] OpenSSL Security Advisory [28th Jan 2016]\n http://openssl.org/news/secadv/20160128.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201601-05\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl098e security update\nAdvisory ID: RHSA-2016:0372-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0372.html\nIssue date: 2016-03-09\nCVE Names: CVE-2015-0293 CVE-2015-3197 CVE-2016-0703 \n CVE-2016-0704 CVE-2016-0800 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl098e packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nA padding oracle flaw was found in the Secure Sockets Layer version 2.0\n(SSLv2) protocol. An attacker can potentially use this flaw to decrypt\nRSA-encrypted cipher text from a connection using a newer SSL/TLS protocol\nversion, allowing them to decrypt such connections. This cross-protocol\nattack is publicly referred to as DROWN. (CVE-2016-0800)\n\nNote: This issue was addressed by disabling the SSLv2 protocol by default\nwhen using the \u0027SSLv23\u0027 connection methods, and removing support for weak\nSSLv2 cipher suites. For more information, refer to the knowledge base\narticle linked to in the References section. \n\nIt was discovered that the SSLv2 servers using OpenSSL accepted SSLv2\nconnection handshakes that indicated non-zero clear key length for\nnon-export cipher suites. An attacker could use this flaw to decrypt\nrecorded SSLv2 sessions with the server by using it as a decryption \noracle.(CVE-2016-0703)\n\nIt was discovered that the SSLv2 protocol implementation in OpenSSL did\nnot properly implement the Bleichenbacher protection for export cipher\nsuites. An attacker could use a SSLv2 server using OpenSSL as a\nBleichenbacher oracle. \n\nA denial of service flaw was found in the way OpenSSL handled SSLv2\nhandshake messages. This could result in weak\nSSLv2 ciphers being used for SSLv2 connections, making them vulnerable to\nman-in-the-middle attacks. (CVE-2015-3197)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges Nimrod Aviram and Sebastian Schinzel as the original\nreporters of CVE-2016-0800 and CVE-2015-3197; David Adrian (University of\nMichigan) and J. Alex Halderman (University of Michigan) as the original\nreporters of CVE-2016-0703 and CVE-2016-0704; and Sean Burford (Google) and\nEmilia K\u00e4sper (OpenSSL development team) as the original reporters of\nCVE-2015-0293. For the update\nto take effect, all services linked to the openssl098e library must be\nrestarted, or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1202404 - CVE-2015-0293 openssl: assertion failure in SSLv2 servers\n1301846 - CVE-2015-3197 OpenSSL: SSLv2 doesn\u0027t block disabled ciphers\n1310593 - CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)\n1310811 - CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2\n1310814 - CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl098e-0.9.8e-20.el6_7.1.src.rpm\n\ni386:\nopenssl098e-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm\n\nx86_64:\nopenssl098e-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-0.9.8e-20.el6_7.1.x86_64.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl098e-0.9.8e-20.el6_7.1.src.rpm\n\nx86_64:\nopenssl098e-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-0.9.8e-20.el6_7.1.x86_64.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl098e-0.9.8e-20.el6_7.1.src.rpm\n\ni386:\nopenssl098e-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm\n\nppc64:\nopenssl098e-0.9.8e-20.el6_7.1.ppc.rpm\nopenssl098e-0.9.8e-20.el6_7.1.ppc64.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.ppc.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.ppc64.rpm\n\ns390x:\nopenssl098e-0.9.8e-20.el6_7.1.s390.rpm\nopenssl098e-0.9.8e-20.el6_7.1.s390x.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.s390.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.s390x.rpm\n\nx86_64:\nopenssl098e-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-0.9.8e-20.el6_7.1.x86_64.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl098e-0.9.8e-20.el6_7.1.src.rpm\n\ni386:\nopenssl098e-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm\n\nx86_64:\nopenssl098e-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-0.9.8e-20.el6_7.1.x86_64.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.i686.rpm\nopenssl098e-debuginfo-0.9.8e-20.el6_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl098e-0.9.8e-29.el7_2.3.src.rpm\n\nx86_64:\nopenssl098e-0.9.8e-29.el7_2.3.i686.rpm\nopenssl098e-0.9.8e-29.el7_2.3.x86_64.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.i686.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl098e-0.9.8e-29.el7_2.3.src.rpm\n\nx86_64:\nopenssl098e-0.9.8e-29.el7_2.3.i686.rpm\nopenssl098e-0.9.8e-29.el7_2.3.x86_64.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.i686.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl098e-0.9.8e-29.el7_2.3.src.rpm\n\nppc64:\nopenssl098e-0.9.8e-29.el7_2.3.ppc.rpm\nopenssl098e-0.9.8e-29.el7_2.3.ppc64.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.ppc.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.ppc64.rpm\n\ns390x:\nopenssl098e-0.9.8e-29.el7_2.3.s390.rpm\nopenssl098e-0.9.8e-29.el7_2.3.s390x.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.s390.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.s390x.rpm\n\nx86_64:\nopenssl098e-0.9.8e-29.el7_2.3.i686.rpm\nopenssl098e-0.9.8e-29.el7_2.3.x86_64.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.i686.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl098e-0.9.8e-29.el7_2.3.src.rpm\n\nx86_64:\nopenssl098e-0.9.8e-29.el7_2.3.i686.rpm\nopenssl098e-0.9.8e-29.el7_2.3.x86_64.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.i686.rpm\nopenssl098e-debuginfo-0.9.8e-29.el7_2.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0293\nhttps://access.redhat.com/security/cve/CVE-2015-3197\nhttps://access.redhat.com/security/cve/CVE-2016-0703\nhttps://access.redhat.com/security/cve/CVE-2016-0704\nhttps://access.redhat.com/security/cve/CVE-2016-0800\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/2176731\nhttps://drownattack.com/\nhttps://openssl.org/news/secadv/20160128.txt\nhttps://openssl.org/news/secadv/20160301.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW36N0XlSAg2UNWIIRAqYBAJ98/98OOTx9c6LlkPHMl7SfneXccQCfX2LY\nBQ+47lH1uQT1a3RxlYkETOk=\n=TqD1\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. OpenSSL Security Advisory [28th Jan 2016]\n=========================================\n\nNOTE: SUPPORT FOR VERSION 1.0.1 WILL BE ENDING ON 31ST DECEMBER 2016. NO\nSECURITY FIXES WILL BE PROVIDED AFTER THAT DATE. UNTIL THAT TIME SECURITY FIXES\nONLY ARE BEING APPLIED. \n\nDH small subgroups (CVE-2016-0701)\n==================================\n\nSeverity: High\n\nHistorically OpenSSL usually only ever generated DH parameters based on \"safe\"\nprimes. More recently (in version 1.0.2) support was provided for generating\nX9.42 style parameter files such as those required for RFC 5114 support. The\nprimes used in such files may not be \"safe\". Where an application is using DH\nconfigured with parameters based on primes that are not \"safe\" then an attacker\ncould use this fact to find a peer\u0027s private DH exponent. This attack requires\nthat the attacker complete multiple handshakes in which the peer uses the same\nprivate DH exponent. For example this could be used to discover a TLS server\u0027s\nprivate DH exponent if it\u0027s reusing the private DH exponent or it\u0027s using a\nstatic DH ciphersuite. \n\nOpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in TLS. \nIt is not on by default. If the option is not set then the server reuses the\nsame private DH exponent for the life of the server process and would be\nvulnerable to this attack. It is believed that many popular applications do set\nthis option and would therefore not be at risk. \n\nOpenSSL before 1.0.2f will reuse the key if:\n- SSL_CTX_set_tmp_dh()/SSL_set_tmp_dh() is used and SSL_OP_SINGLE_DH_USE is not\n set. \n- SSL_CTX_set_tmp_dh_callback()/SSL_set_tmp_dh_callback() is used, and both the\n parameters and the key are set and SSL_OP_SINGLE_DH_USE is not used. This is\n an undocumted feature and parameter files don\u0027t contain the key. \n- Static DH ciphersuites are used. The key is part of the certificate and\n so it will always reuse it. This is only supported in 1.0.2. \n\nIt will not reuse the key for DHE ciphers suites if:\n- SSL_OP_SINGLE_DH_USE is set\n- SSL_CTX_set_tmp_dh_callback()/SSL_set_tmp_dh_callback() is used and the\n callback does not provide the key, only the parameters. The callback is\n almost always used like this. \n\nNon-safe primes are generated by OpenSSL when using:\n- genpkey with the dh_rfc5114 option. This will write an X9.42 style file\n including the prime-order subgroup size \"q\". This is supported since the 1.0.2\n version. Older versions can\u0027t read files generated in this way. \n- dhparam with the -dsaparam option. This has always been documented as\n requiring the single use. \n\nThe fix for this issue adds an additional check where a \"q\" parameter is\navailable (as is the case in X9.42 based parameters). This detects the\nonly known attack, and is the only possible defense for static DH ciphersuites. \nThis could have some performance impact. \n\nAdditionally the SSL_OP_SINGLE_DH_USE option has been switched on by default\nand cannot be disabled. This could have some performance impact. \n\nThis issue affects OpenSSL version 1.0.2. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2f\n\nOpenSSL 1.0.1 is not affected by this CVE because it does not support X9.42\nbased parameters. It is possible to generate parameters using non \"safe\" primes,\nbut this option has always been documented as requiring single use and is not\nthe default or believed to be common. However, as a precaution, the\nSSL_OP_SINGLE_DH_USE change has also been backported to 1.0.1r. \n\nThis issue was reported to OpenSSL on 12 January 2016 by Antonio Sanso (Adobe). \nThe fix was developed by Matt Caswell of the OpenSSL development team\n(incorporating some work originally written by Stephen Henson of the OpenSSL\ncore team). \n\nSSLv2 doesn\u0027t block disabled ciphers (CVE-2015-3197)\n====================================================\n\nSeverity: Low\n\nA malicious client can negotiate SSLv2 ciphers that have been disabled on the\nserver and complete SSLv2 handshakes even if all SSLv2 ciphers have been\ndisabled, provided that the SSLv2 protocol was not also disabled via\nSSL_OP_NO_SSLv2. \n\nThis issue affects OpenSSL versions 1.0.2 and 1.0.1. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2f\nOpenSSL 1.0.1 users should upgrade to 1.0.1r\n\nThis issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram and\nSebastian Schinzel. The fix was developed by Nimrod Aviram with further\ndevelopment by Viktor Dukhovni of the OpenSSL development team. \n\n\nAn update on DHE man-in-the-middle protection (Logjam)\n====================================================================\n\nA previously published vulnerability in the TLS protocol allows a\nman-in-the-middle attacker to downgrade vulnerable TLS connections\nusing ephemeral Diffie-Hellman key exchange to 512-bit export-grade\ncryptography. This vulnerability is known as Logjam\n(CVE-2015-4000). OpenSSL added Logjam mitigation for TLS clients by\nrejecting handshakes with DH parameters shorter than 768 bits in\nreleases 1.0.2b and 1.0.1n. \n\nThis limit has been increased to 1024 bits in this release, to offer\nstronger cryptographic assurance for all TLS connections using\nephemeral Diffie-Hellman key exchange. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2f\nOpenSSL 1.0.1 users should upgrade to 1.0.1r\n\nThe fix was developed by Kurt Roeckx of the OpenSSL development team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are\nadvised to upgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions\nare no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160128.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3197"
},
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "BID",
"id": "74491"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "135596"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136132"
},
{
"db": "PACKETSTORM",
"id": "169661"
}
],
"trust": 3.69
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-3197",
"trust": 3.9
},
{
"db": "CERT/CC",
"id": "VU#257823",
"trust": 3.6
},
{
"db": "BID",
"id": "82237",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1034849",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU95668716",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006985",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#583776",
"trust": 0.3
},
{
"db": "MCAFEE",
"id": "SB10203",
"trust": 0.3
},
{
"db": "BID",
"id": "74491",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-3197",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141101",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135596",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135515",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136132",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169661",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "BID",
"id": "74491"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "135596"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136132"
},
{
"db": "PACKETSTORM",
"id": "169661"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"id": "VAR-201602-0272",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.535906682
},
"last_update_date": "2024-07-23T21:05:01.067000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HS16-015",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs16-015/index.html"
},
{
"title": "NV16-007",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv16-007.html"
},
{
"title": "LibreSSL 2.3.2 Release Notes",
"trust": 0.8,
"url": "http://ftp.openbsd.org/pub/openbsd/libressl/libressl-2.3.2-relnotes.txt"
},
{
"title": "LibreSSL 2.2.6 Release Notes",
"trust": 0.8,
"url": "http://ftp.openbsd.org/pub/openbsd/libressl/libressl-2.2.6-relnotes.txt"
},
{
"title": "Better SSLv2 cipher-suite enforcement",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=d81a1600588b726c2bdccda7efad3cc7a87d6245"
},
{
"title": "SSLv2 doesn\u0027t block disabled ciphers (CVE-2015-3197)",
"trust": 0.8,
"url": "https://mta.openssl.org/pipermail/openssl-announce/2016-january/000061.html"
},
{
"title": "Oracle Critical Patch Update CVSS V2 Risk Matrices - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - April 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016verbose-2881709.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016verbose-2881725.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"title": "Oracle Linux Bulletin - January 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"title": "April 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/april_2016_critical_patch_update"
},
{
"title": "October 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2016_critical_patch_update"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "TLSA-2016-6",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-6j.html"
},
{
"title": "HS16-015",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs16-015/index.html"
},
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60033"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/01/29/openssl_patch_quashes_rare_https_nasty_shores_up_crypto_chops/"
},
{
"title": "Red Hat: CVE-2015-3197",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-3197"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160129-openssl"
},
{
"title": "Amazon Linux AMI: ALAS-2016-682",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-682"
},
{
"title": "Symantec Security Advisories: SA111 : OpenSSL Vulnerabilities 28-Jan-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=83d562565218abbdbef42ef8962d127b"
},
{
"title": "Amazon Linux AMI: ALAS-2016-661",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-661"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=122319027ae43d6d626710f1b1bb1d43"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-3197 "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/halon/changelog "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/redhatsatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.8
},
{
"problemtype": "CWE-200",
"trust": 1.8
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://www.kb.cert.org/vuls/id/257823"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.8,
"url": "http://www.openssl.org/news/secadv/20160128.txt"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201601-05"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/82237"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:11.openssl.asc"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03724en_us"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390893"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1034849"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-january/176373.html"
},
{
"trust": 1.4,
"url": "https://mta.openssl.org/pipermail/openssl-announce/2016-january/000061.html"
},
{
"trust": 1.1,
"url": "https://www.openssl.org/news/vulnerabilities.html#y2016"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=d81a1600588b726c2bdccda7efad3cc7a87d6245"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3197"
},
{
"trust": 0.8,
"url": "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc5114"
},
{
"trust": 0.8,
"url": "http://webstore.ansi.org/recorddetail.aspx?sku=ansi+x9.42-2003+%28r2013%29"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu95668716/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3197"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3197"
},
{
"trust": 0.6,
"url": "https://gtacknowledge.extremenetworks.com/articles/vulnerability_notice/vn-2016-002-openssl/?q=cve-2015-3197\u0026l=en_us\u0026fs=search\u0026pn=1"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=d81a1600588b726c2bdccda7efad3cc7a87d6245"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2015-3197"
},
{
"trust": 0.5,
"url": "https://openssl.org/news/secadv/20160128.txt"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2015-0293"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-0800"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160129-openssl"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10203"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory17.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023433"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023836"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023987"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099307"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021143"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021265"
},
{
"trust": 0.3,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:11.openssl.asc"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0303.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0379.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005820"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009610"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976345"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977014"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977018"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977144"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21978361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978941"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979086"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979209"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980207"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980965"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980969"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981438"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982099"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982336"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982697"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984601"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985213"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985698"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21987174"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987175"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/583776"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979476"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38591"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150506-ucsc"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0701"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/2176731"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0704"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0704"
},
{
"trust": 0.3,
"url": "https://openssl.org/news/secadv/20160301.txt"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-0703"
},
{
"trust": 0.3,
"url": "https://drownattack.com/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0703"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2015-3197"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/halon/changelog"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0445.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=webserver\u0026version=2.1.0"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05390893"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0304.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3197"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0701"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0306.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0372.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "BID",
"id": "74491"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "135596"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136132"
},
{
"db": "PACKETSTORM",
"id": "169661"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#257823"
},
{
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"db": "BID",
"id": "82237"
},
{
"db": "BID",
"id": "74491"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"db": "PACKETSTORM",
"id": "136213"
},
{
"db": "PACKETSTORM",
"id": "141101"
},
{
"db": "PACKETSTORM",
"id": "135596"
},
{
"db": "PACKETSTORM",
"id": "136032"
},
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "PACKETSTORM",
"id": "136034"
},
{
"db": "PACKETSTORM",
"id": "136132"
},
{
"db": "PACKETSTORM",
"id": "169661"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-28T00:00:00",
"db": "CERT/CC",
"id": "VU#257823"
},
{
"date": "2016-02-15T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"date": "2016-01-28T00:00:00",
"db": "BID",
"id": "82237"
},
{
"date": "2015-05-06T00:00:00",
"db": "BID",
"id": "74491"
},
{
"date": "2016-03-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"date": "2016-03-14T23:44:31",
"db": "PACKETSTORM",
"id": "136213"
},
{
"date": "2017-02-15T14:19:58",
"db": "PACKETSTORM",
"id": "141101"
},
{
"date": "2016-02-04T21:45:07",
"db": "PACKETSTORM",
"id": "135596"
},
{
"date": "2016-03-02T15:44:44",
"db": "PACKETSTORM",
"id": "136032"
},
{
"date": "2016-01-29T23:23:00",
"db": "PACKETSTORM",
"id": "135515"
},
{
"date": "2016-03-02T18:33:33",
"db": "PACKETSTORM",
"id": "136034"
},
{
"date": "2016-03-09T15:25:36",
"db": "PACKETSTORM",
"id": "136132"
},
{
"date": "2016-01-28T12:12:12",
"db": "PACKETSTORM",
"id": "169661"
},
{
"date": "2016-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"date": "2016-02-15T02:59:01.980000",
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-29T00:00:00",
"db": "CERT/CC",
"id": "VU#257823"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3197"
},
{
"date": "2017-12-19T22:01:00",
"db": "BID",
"id": "82237"
},
{
"date": "2016-07-21T02:00:00",
"db": "BID",
"id": "74491"
},
{
"date": "2016-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006985"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-026"
},
{
"date": "2023-11-07T02:25:31.933000",
"db": "NVD",
"id": "CVE-2015-3197"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "135515"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol",
"sources": [
{
"db": "CERT/CC",
"id": "VU#257823"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-026"
}
],
"trust": 0.6
}
}
VAR-201404-0008
Vulnerability from variot - Updated: 2024-07-23 20:53Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. OpenSSL is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed. As long as all other products which SMH V7.3.3.1 for Linux x86 communicates with have been upgraded to the latest versions, it will not be vulnerable to the exploits described in CVE-2014-0224. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities
EMC Identifier: ESA-2014-079
CVE Identifier: See below for individual CVEs
Severity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE
Affected products:
\x95 All EMC Documentum Content Server versions of 7.1 prior to P07
\x95 All EMC Documentum Content Server versions of 7.0
\x95 All EMC Documentum Content Server versions of 6.7 SP2 prior to P16
\x95 All EMC Documentum Content Server versions of 6.7 SP1
\x95 All EMC Documentum Content Server versions prior to 6.7 SP1
Summary:
EMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL.
Details: EMC Documentum Content Server may be susceptible to the following vulnerabilities:
\x95 Arbitrary Code Execution (CVE-2014-4618): Authenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. CVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)
\x95 DQL Injection (CVE-2014-2520): Certain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Information Disclosure (CVE-2014-2521): Authenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Multiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores): SSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224) DTLS recursion flaw (CVE-2014-0221) DTLS invalid fragment vulnerability (CVE-2014-0195) SSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198) SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298) Anonymous ECDH denial of service (CVE-2014-3470) FLUSH + RELOAD cache side-channel attack (CVE-2014-0076) For more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt
Resolution: The following versions contain the resolution for these issues: \x95 EMC Documentum Content Server version 7.1 P07 and later \x95 EMC Documentum Content Server version 7.0: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \x95 EMC Documentum Content Server version 6.7 SP2 P16 and later \x95 EMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests.
EMC recommends all customers to upgrade to one of the above versions at the earliest opportunity.
Link to remedies: Registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server
For Hotfix, contact EMC Support.
Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
Release Date: 2014-08-08 Last Updated: 2014-08-08
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) running on Linux and Windows. These components of HP Insight Control server deployment could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. This bulletin provides the information needed to update the HP Insight Control server deployment solution.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101628
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.1 of HP Insight Control server deployment to resolve this vulnerability. HP has provided manual update steps if a version upgrade is not possible; if users wish to remain at v7.1.2, v7.2.0, or v7.2.1.
Note: It is important to check your current running version of HP Insight Control server deployment and to follow the correct steps listed below. For HP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and follow the steps below to remove the vulnerability. The vulnerability known as Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server deployment v7.3.1. That Security Bulletin with instructions on how to upgrade to v7.3.1 can be found here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n a-c04267749
HP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should take the following steps to remove this vulnerability.
Delete the files smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, rows 1 and 2. Delete the files "vcax86-.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba smhamd64-ccp023716.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 smhx86-cp023715.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13 vcax86-cp023742.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2 vcaamd64-cp023743.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Download and extract the HPSUM 5.3.6 component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793
Copy all content from extracted ZIP folder and paste into \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 on targets running Windows.
HP Insight Control server deployment users with v7.2.2:
Please upgrade to Insight Control server deployment v7.3.1 and follow the steps below for v7.3.1.
HP Insight Control server deployment users with v7.3.1:
Perform steps 1 - 4 as outlined above for users with HP Insight Control server deployment v7.1.2, v7.2.0, and v7.2.1. Download the HP SUM ZIP file from http://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f
Extract the contents from the HP SUM ZIP file to \eXpress\hpfeatures\fw-proLiant\components location on the Insight Control server deployment server
Related security bulletins:
For System Management Homepage please see Security bulletin HPSBMU03051 https ://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04 345210
For HP Version Control Agent please see Security bulletin HPSBMU03057 https:/ /h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434 9897
HISTORY Version:1 (rev.1) - 8 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2014:0625-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0625.html Issue date: 2014-06-05 CVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)
Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433
A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)
A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)
A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470.
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free 1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write() 1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability 1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake 1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment 1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-perl-1.0.1e-16.el6_5.14.i686.rpm openssl-static-1.0.1e-16.el6_5.14.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
ppc64: openssl-1.0.1e-16.el6_5.14.ppc.rpm openssl-1.0.1e-16.el6_5.14.ppc64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.ppc.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm openssl-devel-1.0.1e-16.el6_5.14.ppc.rpm openssl-devel-1.0.1e-16.el6_5.14.ppc64.rpm
s390x: openssl-1.0.1e-16.el6_5.14.s390.rpm openssl-1.0.1e-16.el6_5.14.s390x.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.s390.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm openssl-devel-1.0.1e-16.el6_5.14.s390.rpm openssl-devel-1.0.1e-16.el6_5.14.s390x.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-perl-1.0.1e-16.el6_5.14.i686.rpm openssl-static-1.0.1e-16.el6_5.14.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm openssl-perl-1.0.1e-16.el6_5.14.ppc64.rpm openssl-static-1.0.1e-16.el6_5.14.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm openssl-perl-1.0.1e-16.el6_5.14.s390x.rpm openssl-static-1.0.1e-16.el6_5.14.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.i686.rpm openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.i686.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
i386: openssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm openssl-perl-1.0.1e-16.el6_5.14.i686.rpm openssl-static-1.0.1e-16.el6_5.14.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2010-5298.html https://www.redhat.com/security/data/cve/CVE-2014-0195.html https://www.redhat.com/security/data/cve/CVE-2014-0198.html https://www.redhat.com/security/data/cve/CVE-2014-0221.html https://www.redhat.com/security/data/cve/CVE-2014-0224.html https://www.redhat.com/security/data/cve/CVE-2014-3470.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/articles/904433 https://access.redhat.com/site/solutions/905793
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTkGAKXlSAg2UNWIIRAnrwAJ9sLrj3wCAZhJU00jxgt03unDAHywCfVjUB pJJhdOUzRUL8R2haDM4xrsk= =hZF8 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. Unvalidated Redirect Vulnerability (CVE-2015-0512)
A potential vulnerability in Unisphere Central may allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The attacker can specify the location of the arbitrary site in the unvalidated parameter of a crafted URL. If this URL is accessed, the browser is redirected to the arbitrary site specified in the parameter.
CVSSv2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
- To search for a particular CVE, use the NVD database\x92s search utility at http://web.nvd.nist.gov/view/vuln/search
Resolution: The following Unisphere Central release contains resolutions to the above issues: \x95 Unisphere Central version 4.0.
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076).
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS kz0ex6eI6hA6qSwklA2NoXY= =GYjX -----END PGP SIGNATURE----- . These vulnerabilities include:
-
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.
-
HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2010-5298
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
CVE-2014-0076
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2014-0195
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0198
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0221
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0224
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-3470
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-3566
3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends applying the following software updates to resolve the vulnerabilities in the impacted versions of HPE StoreVirtual products running HPE LeftHand OS.
LeftHand OS v11.5 - Patches 45019-00 and 45020 LeftHand OS v12.0 - Patches 50016-00 and 50017-00 LeftHand OS v12.5 - Patch 55016-00 LeftHand OS v12.6 - Patch 56002-00
Notes:
These patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision to OpenSSL v1.0.1e 48. These patches migrate Certificate Authority Hashing Algorithm from a weak hashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary
VMware product updates address OpenSSL security vulnerabilities. Relevant Releases
ESXi 5.5 prior to ESXi550-201406401-SG
- Problem Description
a.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0224, CVE-2014-0198,
CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to
these issues. The most important of these issues is
CVE-2014-0224.
CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to
be of moderate severity. Exploitation is highly unlikely or is
mitigated due to the application configuration.
CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL
Security Advisory (see Reference section below), do not affect
any VMware products. For readability
the affected products have been split into 3 tables below,
based on the different client-server configurations and
deployment scenarios. Applying these patches to
affected servers will mitigate the affected clients (See Table 1
below). can be mitigated by using a secure network such as
VPN (see Table 2 below).
Clients and servers that are deployed on an isolated network are
less exposed to CVE-2014-0224 (see Table 3 below). The affected
products are typically deployed to communicate over the
management network.
RECOMMENDATIONS
VMware recommends customers evaluate and deploy patches for
affected Servers in Table 1 below as these patches become
available. Patching these servers will remove the ability to
exploit the vulnerability described in CVE-2014-0224 on both
clients and servers. VMware recommends customers consider
applying patches to products listed in Table 2 & 3 as required.
Column 4 of the following tables lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
ESXi 5.5 ESXi ESXi550-
201406401-SG
Big Data Extensions 1.1 patch pending
Charge Back Manager 2.6 patch pending
Horizon Workspace Server
GATEWAY 1.8.1 patch pending
Horizon Workspace Server
GATEWAY 1.5 patch pending
Horizon Workspace Server
DATA 1.8.1 patch pending
Horizon Mirage Edge Gateway 4.4.2 patch pending
Horizon View 5.3.1 patch pending
Horizon View Feature Pack 5.3 SP2 patch pending
NSX for Multi-Hypervisor 4.1.2 patch pending
NSX for Multi-Hypervisor 4.0.3 patch pending
NSX for vSphere 6.0.4 patch pending
NVP 3.2.2 patch pending
vCAC 6.0.1 patch pending
vCloud Networking and Security 5.5.2 patch pending
vCloud Networking and Security 5.1.2 patch pending
vFabric Web Server 5.3.4 patch pending
vCHS - DPS-Data Protection 2.0 patch pending
Service
Table 2
========
Affected clients running a vulnerable version of OpenSSL 0.9.8
or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCSA 5.5 patch pending
vCSA 5.1 patch pending
vCSA 5.0 patch pending
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending
Workstation 10.0.2 any patch pending
Workstation 9.0.3 any patch pending
Fusion 6.x OSX patch pending
Fusion 5.x OSX patch pending
Player 10.0.2 any patch pending
Player 9.0.3 any patch pending
Chargeback Manager 2.5.x patch pending
Horizon Workspace Client for 1.8.1 OSX patch pending
Mac
Horizon Workspace Client for 1.5 OSX patch pending
Mac
Horizon Workspace Client for 1.8.1 Windows patch pending
Windows
Horizon Workspace Client for 1.5 Windows patch pending
OVF Tool 3.5.1 patch pending
OVF Tool 3.0.1 patch pending
vCenter Operations Manager 5.8.1 patch pending
vCenter Support Assistant 5.5.0 patch pending
vCenter Support Assistant 5.5.1 patch pending
vCD 5.1.2 patch pending
vCD 5.1.3 patch pending
vCD 5.5.1.1 patch pending
vCenter Site Recovery Manager 5.0.3.1 patch pending
Table 3
=======
The following table lists all affected clients running a
vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating
over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCenter Server 5.5 any patch pending
vCenter Server 5.1 any patch pending
vCenter Server 5.0 any patch pending
Update Manager 5.5 Windows patch pending
Update Manager 5.1 Windows patch pending
Update Manager 5.0 Windows patch pending
Config Manager (VCM) 5.6 patch pending
Horizon View Client 5.3.1 patch pending
Horizon View Client 4.x patch pending
Horizon Workspace 1.8.1 patch pending
Horizon Workspace 1.5 patch pending
ITBM Standard 1.0.1 patch pending
ITBM Standard 1.0 patch pending
Studio 2.6.0.0 patch pending
Usage Meter 3.3 patch pending
vCenter Chargeback Manager 2.6 patch pending
vCenter Converter Standalone 5.5 patch pending
vCenter Converter Standalone 5.1 patch pending
vCD (VCHS) 5.6.2 patch pending
vCenter Site Recovery Manager 5.5.1 patch pending
vCenter Site Recovery Manager 5.1.1 patch pending
vFabric Application Director 5.2.0 patch pending
vFabric Application Director 5.0.0 patch pending
View Client 5.3.1 patch pending
View Client 4.x patch pending
VIX API 5.5 patch pending
VIX API 1.12 patch pending
vMA (Management Assistant) 5.1.0.1 patch pending
VMware Data Recovery 2.0.3 patch pending
VMware vSphere CLI 5.5 patch pending
vSphere Replication 5.5.1 patch pending
vSphere Replication 5.6 patch pending
vSphere SDK for Perl 5.5 patch pending
vSphere Storage Appliance 5.5.1 patch pending
vSphere Storage Appliance 5.1.3 patch pending
vSphere Support Assistant 5.5.1 patch pending
vSphere Support Assistant 5.5.0 patch pending
vSphere Virtual Disk 5.5 patch pending
Development Kit
vSphere Virtual Disk 5.1 patch pending
Development Kit
vSphere Virtual Disk 5.0 patch pending
Development Kit
- Solution
ESXi 5.5
Download: https://www.vmware.com/patchmgr/download.portal
Release Notes and Remediation Instructions: http://kb.vmware.com/kb/2077359
- Change Log
2014-06-10 VMSA-2014-0006 Initial security advisory in conjunction with the release of ESXi 5.5 updates on 2014-06-10
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
The attack can only be performed between a vulnerable client and server.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time.
HP Systems Insight Manager v7.3 Hotfix kit HP Systems Insight Manager v7.2 Hotfix kit
http://h18013.www1.hp.com/products/servers/management/hpsim/download.html
NOTE: No reboot of the system is required after applying the HP SIM Hotfix kit. ============================================================================ Ubuntu Security Notice USN-2192-1 May 05, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
OpenSSL could be made to crash if it received specially crafted network traffic. (CVE-2010-5298)
It was discovered that OpenSSL incorrectly handled memory in the do_ssl3_write() function. (CVE-2014-0198)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.1
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.3
Ubuntu 12.10: libssl1.0.0 1.0.1c-3ubuntu2.8
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.13
After a standard system update you need to reboot your computer to make all the necessary changes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0008",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "ssl vpn 8.0r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.106"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 13.1r4-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.12"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"model": "junos 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "uacos c4.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr3000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "m220 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7775"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "4800g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "secure analytics 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"model": "secure analytics 2014.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "oneview",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.10"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "f1000a and s family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "u200a and m family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "junos 11.4r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7765"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "hsr6602 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr93x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wx5002/5004 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos 11.4r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.0-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vsr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.3r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "junos 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "msr20 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r10-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "junos 5.0r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.10"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "hsr6800 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "ssl vpn 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.3.10"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "msr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "junos 10.4r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "junos 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "(comware family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v7)0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "secure analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr30 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "strm 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos os 12.1x47-d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "jsa 2014.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7900.00"
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "f1000e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.0"
},
{
"model": "msr93x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "secure analytics 2014.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "junos 13.3r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.5.0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.7.1"
},
{
"model": "strm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "msr50 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "u200s and cs family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "security threat response manager 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "simatic s7-1500",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "strm/jsa 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ngfw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "junos 10.4r16",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr9xx russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.203"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr50-g2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos 5.0r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.13"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.8"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uacos c5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "uacos c5.0",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "7755"
},
{
"model": "strm/jsa",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "imc uam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 10.4s",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 11.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9500e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "simatic s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "2.0"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security threat response manager 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 10.4s15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "msr9xx family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "msr2000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "junos os 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "msr30-16 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "imc ead",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "msr4000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "a6600 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "f5000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "junos 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.62"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "virusscan enterprise for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "1.9"
},
{
"model": "pk family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "junos os 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 11.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "junos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cms r17ac.g",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secblade fw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "junos os 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "junos 10.4r15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "uacos c4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "p2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "junos 10.0s25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "junos d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "junos 10.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.05"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "msr20-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.107"
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "msr30-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos os 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
}
],
"sources": [
{
"db": "BID",
"id": "66801"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1g",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "128001"
}
],
"trust": 0.5
},
"cve": "CVE-2010-5298",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2010-5298",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-5298",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-5298",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. OpenSSL is prone to a remote memory-corruption vulnerability. \nAn attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed. As long as all other products which SMH V7.3.3.1 for Linux\nx86 communicates with have been upgraded to the latest versions, it will not\nbe vulnerable to the exploits described in CVE-2014-0224. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities \n\nEMC Identifier: ESA-2014-079\n\nCVE Identifier: See below for individual CVEs\n\nSeverity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE\n\nAffected products: \n\\x95\tAll EMC Documentum Content Server versions of 7.1 prior to P07\n\\x95\tAll EMC Documentum Content Server versions of 7.0\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP2 prior to P16\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP1\n\\x95\tAll EMC Documentum Content Server versions prior to 6.7 SP1\n \nSummary: \nEMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL. \n\nDetails: \nEMC Documentum Content Server may be susceptible to the following vulnerabilities:\n\n\\x95\tArbitrary Code Execution (CVE-2014-4618):\nAuthenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. \nCVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)\n\n\\x95\tDQL Injection (CVE-2014-2520):\nCertain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tInformation Disclosure (CVE-2014-2521):\nAuthenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tMultiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores):\n\tSSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224)\n\tDTLS recursion flaw (CVE-2014-0221)\n\tDTLS invalid fragment vulnerability (CVE-2014-0195)\n\tSSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198)\n\tSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n\tAnonymous ECDH denial of service (CVE-2014-3470)\n\tFLUSH + RELOAD cache side-channel attack (CVE-2014-0076)\nFor more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt \n\nResolution: \nThe following versions contain the resolution for these issues: \n\\x95\tEMC Documentum Content Server version 7.1 P07 and later\n\\x95\tEMC Documentum Content Server version 7.0: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\\x95\tEMC Documentum Content Server version 6.7 SP2 P16 and later\n\\x95\tEMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\nEMC recommends all customers to upgrade to one of the above versions at the earliest opportunity. \n\nLink to remedies:\nRegistered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server\n\nFor Hotfix, contact EMC Support. \n\n\n\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. \n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. \n\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. \n\nRelease Date: 2014-08-08\nLast Updated: 2014-08-08\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH), HP Smart Update Manager (SUM), and HP Version\nControl Agent (VCA) running on Linux and Windows. These components of HP\nInsight Control server deployment could be exploited remotely resulting in\ndenial of service (DoS), code execution, unauthorized access, or disclosure\nof information. \n\nHP Insight Control server deployment packages HP System Management Homepage\n(SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM)\nand deploys them through the following components. This bulletin provides the\ninformation needed to update the HP Insight Control server deployment\nsolution. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\nUpgrade Proliant Firmware\n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101628\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.1 of HP Insight Control server\ndeployment to resolve this vulnerability. HP has provided manual update steps\nif a version upgrade is not possible; if users wish to remain at v7.1.2,\nv7.2.0, or v7.2.1. \n\nNote: It is important to check your current running version of HP Insight\nControl server deployment and to follow the correct steps listed below. For\nHP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and\nfollow the steps below to remove the vulnerability. The vulnerability known\nas Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server\ndeployment v7.3.1. That Security Bulletin with instructions on how to upgrade\nto v7.3.1 can be found here:\n\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\na-c04267749\n\nHP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should\ntake the following steps to remove this vulnerability. \n\nDelete the files smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location\nlisted in the following table, rows 1 and 2. \nDelete the files \"vcax86-*.exe/vcaamd64-*.exe from Component Copy Location\nlisted in the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\n smhamd64-ccp023716.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\n smhx86-cp023715.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13\n vcax86-cp023742.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2\n vcaamd64-cp023743.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nDownload and extract the HPSUM 5.3.6 component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793\n\nCopy all content from extracted ZIP folder and paste into\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 on targets running\nWindows. \n\nHP Insight Control server deployment users with v7.2.2:\n\nPlease upgrade to Insight Control server deployment v7.3.1 and follow the\nsteps below for v7.3.1. \n\nHP Insight Control server deployment users with v7.3.1:\n\nPerform steps 1 - 4 as outlined above for users with HP Insight Control\nserver deployment v7.1.2, v7.2.0, and v7.2.1. \nDownload the HP SUM ZIP file from\nhttp://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f\n\nExtract the contents from the HP SUM ZIP file to\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components location on the Insight Control\nserver deployment server\n\nRelated security bulletins:\n\nFor System Management Homepage please see Security bulletin HPSBMU03051 https\n://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04\n345210\n\nFor HP Version Control Agent please see Security bulletin HPSBMU03057 https:/\n/h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434\n9897\n\nHISTORY\nVersion:1 (rev.1) - 8 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2014:0625-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0625.html\nIssue date: 2014-06-05\nCVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 \n CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS\npacket fragments. A remote attacker could possibly use this flaw to execute\narbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or\nserver using OpenSSL could crash or unexpectedly drop connections when\nprocessing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS\nServerHello requests. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. \n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free\n1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()\n1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability\n1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake\n1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment\n1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.14.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\n\nppc64:\nopenssl-1.0.1e-16.el6_5.14.ppc.rpm\nopenssl-1.0.1e-16.el6_5.14.ppc64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.ppc.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.ppc.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-16.el6_5.14.s390.rpm\nopenssl-1.0.1e-16.el6_5.14.s390x.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.s390.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.s390.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.14.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.ppc64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.ppc64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.s390x.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.s390x.rpm\nopenssl-static-1.0.1e-16.el6_5.14.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\ni386:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.i686.rpm\nopenssl-static-1.0.1e-16.el6_5.14.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2010-5298.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0195.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0198.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0221.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0224.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3470.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/site/articles/904433\nhttps://access.redhat.com/site/solutions/905793\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTkGAKXlSAg2UNWIIRAnrwAJ9sLrj3wCAZhJU00jxgt03unDAHywCfVjUB\npJJhdOUzRUL8R2haDM4xrsk=\n=hZF8\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. \tUnvalidated Redirect Vulnerability (CVE-2015-0512)\n\nA potential vulnerability in Unisphere Central may allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. The attacker can specify the location of the arbitrary site in the unvalidated parameter of a crafted URL. If this URL is accessed, the browser is redirected to the arbitrary site specified in the parameter. \n\nCVSSv2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)\n\n2. To search for a particular CVE, use the NVD database\\x92s search utility at http://web.nvd.nist.gov/view/vuln/search\n\nResolution: \nThe following Unisphere Central release contains resolutions to the above issues:\n\\x95\tUnisphere Central version 4.0. \n \n The Montgomery ladder implementation in OpenSSL through 1.0.0l does\n not ensure that certain swap operations have a constant-time behavior,\n which makes it easier for local users to obtain ECDSA nonces via a\n FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square\n of a BIGNUM value, which might make it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors,\n related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and\n crypto/bn/bn_asm.c (CVE-2014-3570). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n does not enforce certain constraints on certificate data, which allows\n remote attackers to defeat a fingerprint-based certificate-blacklist\n protection mechanism by including crafted data within a\n certificate\u0026#039;s unsigned portion, related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c\n (CVE-2014-8275). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before\n 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a\n Diffie-Hellman (DH) certificate without requiring a CertificateVerify\n message, which allows remote attackers to obtain access without\n knowledge of a private key via crafted TLS Handshake Protocol traffic\n to a server that recognizes a Certification Authority with DH support\n (CVE-2015-0205). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS\nkz0ex6eI6hA6qSwklA2NoXY=\n=GYjX\n-----END PGP SIGNATURE-----\n. These vulnerabilities include: \n\n* The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \n\n - HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2010-5298\n 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\n 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)\n\n CVE-2014-0076\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2014-0195\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-0198\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0221\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0224\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-3470\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-3566\n 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the following software updates to resolve the\nvulnerabilities in the impacted versions of HPE StoreVirtual products running\nHPE LeftHand OS. \n\nLeftHand OS v11.5 - Patches 45019-00 and 45020 \nLeftHand OS v12.0 - Patches 50016-00 and 50017-00 \nLeftHand OS v12.5 - Patch 55016-00 \nLeftHand OS v12.6 - Patch 56002-00 \n\n**Notes:**\n\nThese patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision\nto OpenSSL v1.0.1e 48. \nThese patches migrate Certificate Authority Hashing Algorithm from a weak\nhashing algorithm SHA1 to the stronger hashing algorithm SHA256. Summary\n\n VMware product updates address OpenSSL security vulnerabilities. Relevant Releases\n\n ESXi 5.5 prior to ESXi550-201406401-SG\n\n\n3. Problem Description\n\n a. \n \n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n\n has assigned the names CVE-2014-0224, CVE-2014-0198, \n CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to\n these issues. The most important of these issues is \n CVE-2014-0224. \n\n CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to\n be of moderate severity. Exploitation is highly unlikely or is\n mitigated due to the application configuration. \n\n CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL \n Security Advisory (see Reference section below), do not affect\n any VMware products. For readability\n the affected products have been split into 3 tables below, \n based on the different client-server configurations and\n deployment scenarios. Applying these patches to \n affected servers will mitigate the affected clients (See Table 1\n below). can be mitigated by using a secure network such as \n VPN (see Table 2 below). \n \n Clients and servers that are deployed on an isolated network are\n less exposed to CVE-2014-0224 (see Table 3 below). The affected\n products are typically deployed to communicate over the\n management network. \n\n RECOMMENDATIONS\n\n VMware recommends customers evaluate and deploy patches for\n affected Servers in Table 1 below as these patches become\n available. Patching these servers will remove the ability to\n exploit the vulnerability described in CVE-2014-0224 on both\n clients and servers. VMware recommends customers consider \n applying patches to products listed in Table 2 \u0026 3 as required. \n\n Column 4 of the following tables lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n ESXi 5.5 ESXi ESXi550-\n 201406401-SG \n\n Big Data Extensions 1.1 patch pending \n Charge Back Manager 2.6 patch pending \n\n Horizon Workspace Server \n GATEWAY 1.8.1 patch pending \n Horizon Workspace Server \n GATEWAY 1.5 patch pending \n\n Horizon Workspace Server \n DATA 1.8.1 patch pending \n\n Horizon Mirage Edge Gateway 4.4.2 patch pending \n Horizon View 5.3.1 patch pending \n\n Horizon View Feature Pack 5.3 SP2 patch pending \n\n NSX for Multi-Hypervisor 4.1.2 patch pending \n NSX for Multi-Hypervisor 4.0.3 patch pending \n NSX for vSphere 6.0.4 patch pending \n NVP 3.2.2 patch pending \n vCAC 6.0.1 patch pending \n\n vCloud Networking and Security 5.5.2 \t\t patch pending \n vCloud Networking and Security 5.1.2 \t\t patch pending \n\n vFabric Web Server 5.3.4 patch pending \n\n vCHS - DPS-Data Protection 2.0 patch pending \n Service\n\n Table 2\n ========\n Affected clients running a vulnerable version of OpenSSL 0.9.8 \n or 1.0.1 and communicating over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCSA 5.5 patch pending \n vCSA 5.1 patch pending \n vCSA 5.0 patch pending \n\n\n ESXi 5.1 ESXi patch pending \n ESXi 5.0 ESXi patch pending \n\n Workstation 10.0.2 any patch pending \n Workstation 9.0.3 any patch pending \n Fusion 6.x OSX patch pending \n Fusion 5.x OSX patch pending \n Player 10.0.2 any patch pending \n Player 9.0.3 any patch pending \n\n Chargeback Manager 2.5.x patch pending \n\n Horizon Workspace Client for 1.8.1 OSX patch pending \n Mac\n Horizon Workspace Client for 1.5 OSX patch pending \n Mac\n Horizon Workspace Client for 1.8.1 Windows patch pending \n Windows \n Horizon Workspace Client for 1.5 Windows patch pending \n\n OVF Tool 3.5.1 patch pending \n OVF Tool 3.0.1 patch pending \n\n vCenter Operations Manager 5.8.1 patch pending \n\n vCenter Support Assistant 5.5.0 patch pending \n vCenter Support Assistant 5.5.1 patch pending \n \n vCD 5.1.2 patch pending \n vCD 5.1.3 patch pending \n vCD 5.5.1.1 patch pending \n vCenter Site Recovery Manager 5.0.3.1 patch pending \n\n Table 3\n =======\n The following table lists all affected clients running a\n vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating\n over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCenter Server 5.5 any patch pending\n vCenter Server 5.1 any patch pending\n vCenter Server 5.0 any patch pending\n\n Update Manager 5.5 Windows patch pending\n Update Manager 5.1 Windows patch pending\n Update Manager 5.0 Windows patch pending \n\n Config Manager (VCM) 5.6 patch pending \n\n Horizon View Client 5.3.1 patch pending \n Horizon View Client 4.x patch pending\n Horizon Workspace 1.8.1 patch pending \n Horizon Workspace 1.5 patch pending \n \n \n ITBM Standard 1.0.1 patch pending \n ITBM Standard 1.0 patch pending \n \n Studio 2.6.0.0 patch pending \n \n Usage Meter 3.3 patch pending \n vCenter Chargeback Manager 2.6 patch pending \n vCenter Converter Standalone 5.5 patch pending \n vCenter Converter Standalone 5.1 patch pending \n vCD (VCHS) 5.6.2 patch pending \n \n vCenter Site Recovery Manager 5.5.1 patch pending \n vCenter Site Recovery Manager 5.1.1 patch pending\n\n vFabric Application Director 5.2.0 patch pending \n vFabric Application Director 5.0.0 patch pending \n View Client 5.3.1 patch pending \n View Client 4.x patch pending\n VIX API 5.5 patch pending \n VIX API 1.12 patch pending \n \n vMA (Management Assistant) 5.1.0.1 patch pending \n \n\n VMware Data Recovery 2.0.3 patch pending \n \n VMware vSphere CLI 5.5 patch pending \n \n vSphere Replication 5.5.1 patch pending \n vSphere Replication 5.6 patch pending \n vSphere SDK for Perl 5.5 patch pending \n vSphere Storage Appliance 5.5.1 patch pending \n vSphere Storage Appliance 5.1.3 patch pending \n vSphere Support Assistant 5.5.1 patch pending \n vSphere Support Assistant 5.5.0 patch pending\n vSphere Virtual Disk 5.5 patch pending \n Development Kit \n vSphere Virtual Disk 5.1 patch pending \n Development Kit\n vSphere Virtual Disk 5.0 patch pending \n Development Kit\n \n 4. Solution\n\n ESXi 5.5\n ----------------------------\n\n Download:\n https://www.vmware.com/patchmgr/download.portal\n\n Release Notes and Remediation Instructions:\n http://kb.vmware.com/kb/2077359\n\n 5. Change Log\n\n 2014-06-10 VMSA-2014-0006\n Initial security advisory in conjunction with the release of\n ESXi 5.5 updates on 2014-06-10\n\n- -----------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nHP Systems Insight Manager v7.3 Hotfix kit\nHP Systems Insight Manager v7.2 Hotfix kit\n\nhttp://h18013.www1.hp.com/products/servers/management/hpsim/download.html\n\nNOTE: No reboot of the system is required after applying the HP SIM Hotfix\nkit. ============================================================================\nUbuntu Security Notice USN-2192-1\nMay 05, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n\nSummary:\n\nOpenSSL could be made to crash if it received specially crafted network\ntraffic. \n(CVE-2010-5298)\n\nIt was discovered that OpenSSL incorrectly handled memory in the\ndo_ssl3_write() function. \n(CVE-2014-0198)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.1\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.3\n\nUbuntu 12.10:\n libssl1.0.0 1.0.1c-3ubuntu2.8\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.13\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126927"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-5298",
"trust": 2.7
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.4
},
{
"db": "BID",
"id": "66801",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/04/13/1",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10643",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "MCAFEE",
"id": "SB10071",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2010-5298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127362",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127923",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126927",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "130188",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127326",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128001",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126481",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126930",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126927"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"id": "VAR-201404-0008",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.416493127826087
},
"last_update_date": "2024-07-23T20:53:19.246000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/10/fireeye_patches_os_torpedo_exploitdb_disclosure/"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2192-1"
},
{
"title": "Debian Security Advisories: DSA-2908-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=438bf64e25a46a5ac11098b5720d1bb6"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0198 Null pointer dereference bug in OpenSSL 1.0.1g and earlier",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=94b6140bb563b66b3bcd98992e854bf3"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0076",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1fc1fc75c3cab4aa04eb437a09a1da4f"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.4,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 1.4,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 1.1,
"url": "http://openwall.com/lists/oss-security/2014/04/13/1"
},
{
"trust": 1.1,
"url": "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191\u0026view=markup"
},
{
"trust": 1.1,
"url": "http://ftp.openbsd.org/pub/openbsd/patches/5.5/common/004_openssl.patch.sig"
},
{
"trust": 1.1,
"url": "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse"
},
{
"trust": 1.1,
"url": "https://rt.openssl.org/ticket/display.html?id=3265\u0026user=guest\u0026pass=guest"
},
{
"trust": 1.1,
"url": "http://www.openbsd.org/errata55.html#004_openssl"
},
{
"trust": 1.1,
"url": "https://rt.openssl.org/ticket/display.html?id=2167\u0026user=guest\u0026pass=guest"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/66801"
},
{
"trust": 1.1,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.1,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.1,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:090"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0187.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.4,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.4,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2014/q2/102"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2010_5298_race_conditions"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:09.openssl.asc"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10643\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15328.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368264"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347622"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004830"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10071"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/29a7e-50e49f9c009f9/cert_security_mini_bulletin_xrx14g_for_77xx_v1.1.pdf"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory8.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/362.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2192-1/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2520"
},
{
"trust": 0.1,
"url": "https://support.emc.com/downloads/2732_documentum-server"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2521"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-f6c141a7feeb4a358bbb28300f"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/905793"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1899"
},
{
"trust": 0.1,
"url": "http://web.nvd.nist.gov/view/vuln/search"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1798"
},
{
"trust": 0.1,
"url": "https://support.emc.com/products/28224_unisphere-central"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2137"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0311"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0914"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0349"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0020"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0268"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1767"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5885"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0913"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/home.cfm."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1772"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/products/service_pack/hpsu"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2077359"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/patchmgr/download.portal"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.13"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1c-3ubuntu2.8"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2192-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906703"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0628.html"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126927"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"db": "BID",
"id": "66801"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "126927"
},
{
"db": "PACKETSTORM",
"id": "130188"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127326"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126481"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"date": "2014-04-13T00:00:00",
"db": "BID",
"id": "66801"
},
{
"date": "2014-07-06T18:53:39",
"db": "PACKETSTORM",
"id": "127362"
},
{
"date": "2014-08-19T16:52:04",
"db": "PACKETSTORM",
"id": "127923"
},
{
"date": "2014-08-08T21:53:16",
"db": "PACKETSTORM",
"id": "127807"
},
{
"date": "2014-06-05T15:17:27",
"db": "PACKETSTORM",
"id": "126927"
},
{
"date": "2015-01-30T22:43:20",
"db": "PACKETSTORM",
"id": "130188"
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044"
},
{
"date": "2017-01-25T21:54:44",
"db": "PACKETSTORM",
"id": "140720"
},
{
"date": "2014-07-02T21:43:37",
"db": "PACKETSTORM",
"id": "127326"
},
{
"date": "2014-06-11T23:18:46",
"db": "PACKETSTORM",
"id": "127045"
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961"
},
{
"date": "2014-08-26T11:11:00",
"db": "PACKETSTORM",
"id": "128001"
},
{
"date": "2014-05-05T17:16:01",
"db": "PACKETSTORM",
"id": "126481"
},
{
"date": "2014-06-05T15:19:35",
"db": "PACKETSTORM",
"id": "126930"
},
{
"date": "2014-04-14T22:38:08.590000",
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2010-5298"
},
{
"date": "2017-05-23T16:24:00",
"db": "BID",
"id": "66801"
},
{
"date": "2022-08-29T20:53:02.917000",
"db": "NVD",
"id": "CVE-2010-5298"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "66801"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL \u0027ssl3_release_read_buffer()\u0027 Use-After-Free Memory Corruption Vulnerability",
"sources": [
{
"db": "BID",
"id": "66801"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "66801"
}
],
"trust": 0.3
}
}
VAR-201605-0079
Vulnerability from variot - Updated: 2024-07-23 20:50The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding. OpenSSL is prone to a local denial-of-service vulnerability. An attacker may exploit this issue to crash the application or consume excessive amount of data, resulting in denial-of-service conditions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03756en_us Version: 1
HPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-06-05 Last Updated: 2017-06-05
Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information.
References:
- CVE-2016-2105 - Remote Denial of Service (DoS)
- CVE-2016-2106 - Remote Denial of Service (DoS)
- CVE-2016-2107 - Remote disclosure of sensitive information
- CVE-2016-2108 - Remote Denial of Service (DoS)
- CVE-2016-2109 - Remote Denial of Service (DoS)
- CVE-2016-2176 - Remote Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- HP Intelligent Management Center (iMC) All versions - Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2105
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2106
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2107
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVE-2016-2108
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-2109
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVE-2016-2176
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates available to resolve the vulnerabilities in the Comware 7, iMC and VCX products running OpenSSL.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P02
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 10500 (Comware 7) - Version: R7184
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5900/5920 (Comware 7) - Version: R2422P02
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR1000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR2000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR3000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR4000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- VSR (Comware 7) - Version: E0324
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7900 (Comware 7) - Version: R2152
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130 (Comware 7) - Version: R3115
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6125XLG - Version: R2422P02
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6127XLG - Version: R2422P02
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- Moonshot - Version: R2432
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5700 (Comware 7) - Version: R2422P02
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5930 (Comware 7) - Version: R2422P02
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 1950 (Comware 7) - Version: R3115
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7500 (Comware 7) - Version: R7184
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5510HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5940 - Version: R2509
- HP Network Products
- JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch
- JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch
- JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch
- JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch
- JH396A HPE FlexFabric 5940 32QSFP+ Switch
- JH397A HPE FlexFabric 5940 2-slot Switch
- JH398A HPE FlexFabric 5940 4-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5950 - Version: R6123
- HP Network Products
- JH321A HPE FlexFabric 5950 32QSFP28 Switch
- JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch
- JH404A HPE FlexFabric 5950 4-slot Switch
- 12900E (Comware 7) - Version: R2609
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
iMC Products
- iNode PC 7.2 (E0410) - Version: 7.2 E0410
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
- iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
VCX Products
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 2 June 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Corrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE) 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2) 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16) 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33) 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE) 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41) CVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, CVE-2016-2176
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background
FreeBSD includes software from the OpenSSL Project.
II. Problem Description
The padding check in AES-NI CBC MAC was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes. [CVE-2016-2107]
An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. [CVE-2016-2105]
An overflow can occur in the EVP_EncryptUpdate() function, however it is believed that there can be no overflows in internal code due to this problem. [CVE-2016-2109]
ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. [CVE-2016-2176] FreeBSD does not run on any EBCDIC systems and therefore is not affected.
III. [CVE-2016-2109] TLS applications are not affected.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart all daemons that use the library, or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart all daemons that use the library, or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.x]
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc
gpg --verify openssl-10.patch.asc
[FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc
gpg --verify openssl-9.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all daemons that use the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/9/ r299053 releng/9.3/ r299068 stable/10/ r298999 releng/10.1/ r299068 releng/10.2/ r299067 releng/10.3/ r299066
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII.
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1t-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1t-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1t-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2h-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2h-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 packages: 033bd9509aeb07712e6bb3adf89c18e4 openssl-1.0.1t-i486-1_slack14.0.txz 9e91d781e33f7af80cbad08b245e84ed openssl-solibs-1.0.1t-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: e5c77ec16e3f2fcb2f1d53d84a6ba951 openssl-1.0.1t-x86_64-1_slack14.0.txz 2de7b6196a905233036d7f38008984bd openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 96dcae05ae2f585c30de852a55eb870f openssl-1.0.1t-i486-1_slack14.1.txz 59618b061e62fd9d73ba17df7626b2e7 openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: 3d5ebfce099917703d537ab603e58a9b openssl-1.0.1t-x86_64-1_slack14.1.txz bf3a6bbdbe835dd2ce73333822cc9f06 openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz
Slackware -current packages: 4889a10c5f3aa7104167c7d50eedf7ea a/openssl-solibs-1.0.2h-i586-1.txz 8e3439f35c3cb4e11ca64eebb238a52f n/openssl-1.0.2h-i586-1.txz
Slackware x86_64 -current packages: b4a852bb7e86389ec228288ccb7e79bb a/openssl-solibs-1.0.2h-x86_64-1.txz bcf9dc7bb04173f002644e3ce33ab4ab n/openssl-1.0.2h-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1t-i486-1_slack14.1.txz openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Then, reboot the machine or restart any network services that use OpenSSL.
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0996-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0996.html Issue date: 2016-05-10 CVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2842 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108)
-
Two integer overflow flaws, leading to buffer overflows, were found in the way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL parsed very large amounts of input data. A remote attacker could use these flaws to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105, CVE-2016-2106)
-
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)
-
Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application. (CVE-2016-0799, CVE-2016-2842)
-
A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions 1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds 1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data 1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder 1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check 1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow 1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.1.src.rpm
i386: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-perl-1.0.1e-48.el6_8.1.i686.rpm openssl-static-1.0.1e-48.el6_8.1.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.1.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.1.src.rpm
i386: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.1.ppc.rpm openssl-1.0.1e-48.el6_8.1.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.1.ppc.rpm openssl-devel-1.0.1e-48.el6_8.1.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.1.s390.rpm openssl-1.0.1e-48.el6_8.1.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.s390x.rpm openssl-devel-1.0.1e-48.el6_8.1.s390.rpm openssl-devel-1.0.1e-48.el6_8.1.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-perl-1.0.1e-48.el6_8.1.i686.rpm openssl-static-1.0.1e-48.el6_8.1.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.1.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.1.ppc64.rpm openssl-static-1.0.1e-48.el6_8.1.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.1.s390x.rpm openssl-perl-1.0.1e-48.el6_8.1.s390x.rpm openssl-static-1.0.1e-48.el6_8.1.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.1.src.rpm
i386: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-perl-1.0.1e-48.el6_8.1.i686.rpm openssl-static-1.0.1e-48.el6_8.1.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0799 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2107 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-2842 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXMXPXXlSAg2UNWIIRAmqpAJ4sxaxPc4fbLjR32h/PW1fxwOZG7ACgtaSz 6dbI0EemYRoHCDagPHSycq4= =g2Zb -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. This could lead to a heap corruption. This could lead to a heap corruption.
CVE-2016-2108
David Benjamin from Google discovered that two separate bugs in the
ASN.1 encoder, related to handling of negative zero integer values
and large universal tags, could lead to an out-of-bounds write. This could result in arbitrary stack data
being returned in the buffer.
Additional information about these issues can be found in the OpenSSL security advisory at https://www.openssl.org/news/secadv/20160503.txt
For the stable distribution (jessie), these problems have been fixed in version 1.0.1k-3+deb8u5.
For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1.
We recommend that you upgrade your openssl packages.
References:
- CVE-2016-2107 - OpenSSL, Unauthorized disclosure of information
- CVE-2016-2106 - OpenSSL, Denial of Service (DoS)
- CVE-2016-2109 - OpenSSL, Denial of Service (DoS)
- CVE-2016-2105 - OpenSSL, Denial of Service (DoS)
- CVE-2016-3739 - cURL and libcurl, Remote code execution
- CVE-2016-5388 - "HTTPoxy", Apache Tomcat
- CVE-2016-5387 - "HTTPoxy", Apache HTTP Server
- CVE-2016-5385 - "HTTPoxy", PHP
- CVE-2016-4543 - PHP, multiple impact
- CVE-2016-4071 - PHP, multiple impact
- CVE-2016-4072 - PHP, multiple impact
- CVE-2016-4542 - PHP, multiple impact
- CVE-2016-4541 - PHP, multiple impact
- CVE-2016-4540 - PHP, multiple impact
- CVE-2016-4539 - PHP, multiple impact
- CVE-2016-4538 - PHP, multiple impact
- CVE-2016-4537 - PHP, multiple impact
- CVE-2016-4343 - PHP, multiple impact
- CVE-2016-4342 - PHP, multiple impact
- CVE-2016-4070 - PHP, Denial of Service (DoS)
- CVE-2016-4393 - PSRT110263, XSS vulnerability
- CVE-2016-4394 - PSRT110263, HSTS vulnerability
- CVE-2016-4395 - ZDI-CAN-3722, PSRT110115, Buffer Overflow
- CVE-2016-4396 - ZDI-CAN-3730, PSRT110116, Buffer Overflow
- PSRT110145
- PSRT110263
- PSRT110115
- PSRT110116
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- . Description:
This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. (CVE-2014-8176, CVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2177, CVE-2016-2178, CVE-2016-2842)
-
This update fixes several flaws in libxml2. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)
-
This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141)
-
This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)
-
This update fixes two flaws in mod_cluster. (CVE-2016-4459, CVE-2016-8612)
-
A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808)
-
A memory leak flaw was fixed in expat.
See the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory. Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
After installing the updated packages, the httpd daemon will be restarted automatically. JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.9,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.9,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.9,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux)"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "ip38x/3000",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- security enhancement"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "6.2"
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "ip38x/3500",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ip38x/fw120",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "ip38x/1200",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.4"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver6.1 to v8.0"
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "netvisorpro 6.1"
},
{
"model": "ip38x/810",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.3"
},
{
"model": "ip38x/n500",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "ip38x/1210",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard-r"
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base version 6"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "business connect v7.1.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.11 and later"
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "ip38x/5000",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.0"
},
{
"model": "ip38x/sr100",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "paging server",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "network performance analytics",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa51x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "network health framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2.1"
},
{
"model": "unified series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "780011.5.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6(3)"
},
{
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"model": "emergency responder",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.6.0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "nexus series blade switches 0.9.8zf",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "telepresence isdn link",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "mediasense 9.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.119"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "aspera shares",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.6"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.8"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "prime collaboration assurance sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "tivoli netcool system service monitors fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "im and presence service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "ata analog telephone adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1879.2.5"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs central 1.5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "series ip phones vpn feature",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-11.5.2"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "project openssl 1.0.1t",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"model": "webex recording playback client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p38",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90008.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"model": "10.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa50x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-01"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"model": "10.2-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-109"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "workload deployer if12",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"model": "unified workforce optimization quality management sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "meetingplace",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.7"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "webex messenger service ep1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8961"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.1"
},
{
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "webex node for mcs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.12.9.8"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.8"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.17"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "aspera console",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.3"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "connected analytics for collaboration 1.0.1q",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.0-13"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6.7"
},
{
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.6.1"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.4"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.7.0"
},
{
"model": "openssh for gpfs for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.31"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.7"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.117"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"model": "globalprotect agent",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.0"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "webex meetings for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5.0"
},
{
"model": "mds series multilayer switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ios software and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.1"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client hosted t31r1sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.8"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "unified sip proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.3"
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"model": "spa50x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "ata series analog terminal adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "unified communications for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli composite application manager for transactions if03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "identity services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.4"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "qradar siem/qrif/qrm/qvm patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.71"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "jabber for android mr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "connected grid router-cgos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "lancope stealthwatch smc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "telepresence server on virtual machine mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60008.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.2-9"
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70008.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-110"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-113"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "spa30x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30-12"
},
{
"model": "webex meetings client on premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "tivoli netcool system service monitors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3(1)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "bm security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.12"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.3"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1)"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "algo audit and compliance if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.32"
},
{
"model": "spa525g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9971"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.1"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.2"
},
{
"model": "webex messenger service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "10.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected grid router 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5:20"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "counter fraud management for safer payments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.17"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.0"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "packet tracer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "unified wireless ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "virtual security gateway vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.0"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"model": "policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "webex meetings client on premises",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "10.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa51x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings for wp8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-108"
},
{
"model": "sterling connect:express for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2.1)"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1"
},
{
"model": "physical access control gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.10"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.41"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "10.1-release-p30",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "intelligent automation for cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.9.8"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "edge digital media player 1.6rb4 5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mds series multilayer switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "9.3-release-p36",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.8"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "mobility services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "edge digital media player",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3401.2.0.20"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa30x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli netcool system service monitors fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.2"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.4.7"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spa525g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "9.3-release-p41",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "lancope stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud object store",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "cognos business intelligence fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.12"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "mq appliance m2001",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "tivoli netcool system service monitors fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "telepresence content server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.4"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "asa cx and prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.21"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50007.3.1"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8945"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1.10000.12)"
},
{
"model": "mq appliance m2000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.3"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "10.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "10.1-release-p33",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence conductor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "unified communications manager 10.5 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.4"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0(0.400)"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "unified ip phones 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "websphere application server liberty profile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "prime optical for sps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50008.3"
},
{
"model": "10.1-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-04"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.1"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.3"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.2"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server ssl gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.6"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.10000.5)"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"model": "tivoli composite application manager for transactions if37",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "prime license manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.8"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "virtual security gateway for microsoft hyper-v vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "connected grid router cgos 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-01"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.3-release-p39",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-114"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"model": "spa232d multi-line dect ata",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.2"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-08"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.21"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "globalprotect agent",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.1"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19.0"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"model": "10.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "10.3-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9951"
},
{
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.12"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.17"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.4-12"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder 10.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "qradar siem mr2 patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.113"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "900012.0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7(0)"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79009.4(2)"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.17"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "tivoli netcool system service monitors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"model": "unified series ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "video surveillance media server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9"
},
{
"model": "unified communications manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.5"
},
{
"model": "10.2-release-p16",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.2h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "policy suite",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager session management edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.5"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "tivoli provisioning manager for images system edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.20290.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.13900.9)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "87940"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
},
{
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1s",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Brian Carpenter",
"sources": [
{
"db": "BID",
"id": "87940"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
}
],
"trust": 0.9
},
"cve": "CVE-2016-2109",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-2109",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-2109",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2109",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-083",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2109",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2109"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
},
{
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding. OpenSSL is prone to a local denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the application or consume excessive amount of data, resulting in denial-of-service conditions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03756en_us\nVersion: 1\n\nHPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX\nrunning OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-06-05\nLast Updated: 2017-06-05\n\nPotential Security Impact: Remote: Denial of Service (DoS), Disclosure of\nSensitive Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities with OpenSSL have been addressed for HPE\nnetwork products including Comware 7, iMC, and VCX. The vulnerabilities could\nbe remotely exploited resulting in Denial of Service (DoS) or disclosure of\nsensitive information. \n\nReferences:\n\n - CVE-2016-2105 - Remote Denial of Service (DoS)\n - CVE-2016-2106 - Remote Denial of Service (DoS)\n - CVE-2016-2107 - Remote disclosure of sensitive information\n - CVE-2016-2108 - Remote Denial of Service (DoS)\n - CVE-2016-2109 - Remote Denial of Service (DoS)\n - CVE-2016-2176 - Remote Denial of Service (DoS)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - VCX Products All versions - Please refer to the RESOLUTION below for a\nlist of updated products. \n - Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - HP Intelligent Management Center (iMC) All versions - Please refer to the\nRESOLUTION below for a list of updated products. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2105\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2106\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2107\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n CVE-2016-2108\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-2109\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\n CVE-2016-2176\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\n 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates available to resolve the\nvulnerabilities in the Comware 7, iMC and VCX products running OpenSSL. \n\n**COMWARE 7 Products**\n\n + 12500 (Comware 7) - Version: R7377P02\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 10500 (Comware 7) - Version: R7184\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5900/5920 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR1000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR2000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR3000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR4000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + VSR (Comware 7) - Version: E0324\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7900 (Comware 7) - Version: R2152\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130 (Comware 7) - Version: R3115\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6125XLG - Version: R2422P02\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6127XLG - Version: R2422P02\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + Moonshot - Version: R2432\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5700 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5930 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 1950 (Comware 7) - Version: R3115\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7500 (Comware 7) - Version: R7184\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5510HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5940 - Version: R2509\n * HP Network Products\n - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch\n - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch\n - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch\n - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch\n - JH396A HPE FlexFabric 5940 32QSFP+ Switch\n - JH397A HPE FlexFabric 5940 2-slot Switch\n - JH398A HPE FlexFabric 5940 4-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5950 - Version: R6123\n * HP Network Products\n - JH321A HPE FlexFabric 5950 32QSFP28 Switch\n - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch\n - JH404A HPE FlexFabric 5950 4-slot Switch\n + 12900E (Comware 7) - Version: R2609\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**iMC Products**\n\n + iNode PC 7.2 (E0410) - Version: 7.2 E0410\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n + iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**VCX Products**\n\n + VCX - Version: 9.8.19\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 2 June 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \nCorrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE)\n 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2)\n 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16)\n 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33)\n 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE)\n 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41)\nCVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109,\n CVE-2016-2176\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. \n\nII. Problem Description\n\nThe padding check in AES-NI CBC MAC was rewritten to be in constant time\nby making sure that always the same bytes are read and compared against\neither the MAC or padding bytes. But it no longer checked that there was\nenough data to have both the MAC and padding bytes. [CVE-2016-2107]\n\nAn overflow can occur in the EVP_EncodeUpdate() function which is used for\nBase64 encoding of binary data. [CVE-2016-2105]\n\nAn overflow can occur in the EVP_EncryptUpdate() function, however it is\nbelieved that there can be no overflows in internal code due to this problem. \n[CVE-2016-2109]\n\nASN1 Strings that are over 1024 bytes can cause an overread in applications\nusing the X509_NAME_oneline() function on EBCDIC systems. [CVE-2016-2176]\nFreeBSD does not run on any EBCDIC systems and therefore is not affected. \n\nIII. [CVE-2016-2109] TLS applications are not affected. \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart all daemons that use the library, or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart all daemons that use the library, or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.x]\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc\n# gpg --verify openssl-10.patch.asc\n\n[FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc\n# gpg --verify openssl-9.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all daemons that use the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/9/ r299053\nreleng/9.3/ r299068\nstable/10/ r298999\nreleng/10.1/ r299068\nreleng/10.2/ r299067\nreleng/10.3/ r299066\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. Additionally, a time based side-channel\nattack may allow a local attacker to recover a private DSA key. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1t-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1t-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1t-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1t-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2h-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2h-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 packages:\n033bd9509aeb07712e6bb3adf89c18e4 openssl-1.0.1t-i486-1_slack14.0.txz\n9e91d781e33f7af80cbad08b245e84ed openssl-solibs-1.0.1t-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\ne5c77ec16e3f2fcb2f1d53d84a6ba951 openssl-1.0.1t-x86_64-1_slack14.0.txz\n2de7b6196a905233036d7f38008984bd openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n96dcae05ae2f585c30de852a55eb870f openssl-1.0.1t-i486-1_slack14.1.txz\n59618b061e62fd9d73ba17df7626b2e7 openssl-solibs-1.0.1t-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n3d5ebfce099917703d537ab603e58a9b openssl-1.0.1t-x86_64-1_slack14.1.txz\nbf3a6bbdbe835dd2ce73333822cc9f06 openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n4889a10c5f3aa7104167c7d50eedf7ea a/openssl-solibs-1.0.2h-i586-1.txz\n8e3439f35c3cb4e11ca64eebb238a52f n/openssl-1.0.2h-i586-1.txz\n\nSlackware x86_64 -current packages:\nb4a852bb7e86389ec228288ccb7e79bb a/openssl-solibs-1.0.2h-x86_64-1.txz\nbcf9dc7bb04173f002644e3ce33ab4ab n/openssl-1.0.2h-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1t-i486-1_slack14.1.txz openssl-solibs-1.0.1t-i486-1_slack14.1.txz \n\nThen, reboot the machine or restart any network services that use OpenSSL. \n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:0996-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0996.html\nIssue date: 2016-05-10\nCVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 \n CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 \n CVE-2016-2842 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially crafted\ncertificate which, when verified or re-encoded by OpenSSL, could cause it\nto crash, or execute arbitrary code using the permissions of the user\nrunning an application compiled against the OpenSSL library. \n(CVE-2016-2108)\n\n* Two integer overflow flaws, leading to buffer overflows, were found in\nthe way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL\nparsed very large amounts of input data. A remote attacker could use these\nflaws to crash an application using OpenSSL or, possibly, execute arbitrary\ncode with the permissions of the user running that application. \n(CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n* Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. Applications which passed large amounts of\nuntrusted data through these functions could crash or potentially execute\ncode with the permissions of the user running such an application. \n(CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL\u0027s I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could be\nforced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno B\u00f6ck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions\n1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds\n1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data\n1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder\n1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check\n1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow\n1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.1.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.1.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.1.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.1.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.1.ppc.rpm\nopenssl-1.0.1e-48.el6_8.1.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.1.s390.rpm\nopenssl-1.0.1e-48.el6_8.1.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.1.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.1.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.1.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.1.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0799\nhttps://access.redhat.com/security/cve/CVE-2016-2105\nhttps://access.redhat.com/security/cve/CVE-2016-2106\nhttps://access.redhat.com/security/cve/CVE-2016-2107\nhttps://access.redhat.com/security/cve/CVE-2016-2108\nhttps://access.redhat.com/security/cve/CVE-2016-2109\nhttps://access.redhat.com/security/cve/CVE-2016-2842\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXMXPXXlSAg2UNWIIRAmqpAJ4sxaxPc4fbLjR32h/PW1fxwOZG7ACgtaSz\n6dbI0EemYRoHCDagPHSycq4=\n=g2Zb\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. This could lead to a heap corruption. \n This could lead to a heap corruption. \n\nCVE-2016-2108\n\n David Benjamin from Google discovered that two separate bugs in the\n ASN.1 encoder, related to handling of negative zero integer values\n and large universal tags, could lead to an out-of-bounds write. This could result in arbitrary stack data\n being returned in the buffer. \n\nAdditional information about these issues can be found in the OpenSSL\nsecurity advisory at https://www.openssl.org/news/secadv/20160503.txt\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1k-3+deb8u5. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2h-1. \n\nWe recommend that you upgrade your openssl packages. \n\nReferences:\n\n - CVE-2016-2107 - OpenSSL, Unauthorized disclosure of information\n - CVE-2016-2106 - OpenSSL, Denial of Service (DoS)\n - CVE-2016-2109 - OpenSSL, Denial of Service (DoS)\n - CVE-2016-2105 - OpenSSL, Denial of Service (DoS)\n - CVE-2016-3739 - cURL and libcurl, Remote code execution\n - CVE-2016-5388 - \"HTTPoxy\", Apache Tomcat\n - CVE-2016-5387 - \"HTTPoxy\", Apache HTTP Server\n - CVE-2016-5385 - \"HTTPoxy\", PHP \n - CVE-2016-4543 - PHP, multiple impact\n - CVE-2016-4071 - PHP, multiple impact\n - CVE-2016-4072 - PHP, multiple impact\n - CVE-2016-4542 - PHP, multiple impact\n - CVE-2016-4541 - PHP, multiple impact\n - CVE-2016-4540 - PHP, multiple impact\n - CVE-2016-4539 - PHP, multiple impact\n - CVE-2016-4538 - PHP, multiple impact\n - CVE-2016-4537 - PHP, multiple impact\n - CVE-2016-4343 - PHP, multiple impact\n - CVE-2016-4342 - PHP, multiple impact\n - CVE-2016-4070 - PHP, Denial of Service (DoS)\n - CVE-2016-4393 - PSRT110263, XSS vulnerability\n - CVE-2016-4394 - PSRT110263, HSTS vulnerability\n - CVE-2016-4395 - ZDI-CAN-3722, PSRT110115, Buffer Overflow\n - CVE-2016-4396 - ZDI-CAN-3730, PSRT110116, Buffer Overflow\n - PSRT110145\n - PSRT110263\n - PSRT110115\n - PSRT110116\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nbsdiff\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in bspatch. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n. Description:\n\nThis release of Red Hat JBoss Core Services httpd 2.4.23 serves as a\nreplacement for JBoss Core Services Apache HTTP Server 2.4.6. (CVE-2014-8176,\nCVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196,\nCVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799,\nCVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109,\nCVE-2016-2177, CVE-2016-2178, CVE-2016-2842)\n\n* This update fixes several flaws in libxml2. (CVE-2016-1762,\nCVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,\nCVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705,\nCVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)\n\n* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420,\nCVE-2016-7141)\n\n* This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)\n\n* This update fixes two flaws in mod_cluster. (CVE-2016-4459,\nCVE-2016-8612)\n\n* A buffer overflow flaw when concatenating virtual host names and URIs was\nfixed in mod_jk. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. \n\nSee the corresponding CVE pages linked to in the References section for\nmore information about each of the flaws listed in this advisory. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). \n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2109"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"db": "BID",
"id": "87940"
},
{
"db": "VULMON",
"id": "CVE-2016-2109"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "139379"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "140182"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2109",
"trust": 3.8
},
{
"db": "BID",
"id": "87940",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "136912",
"trust": 1.8
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10160",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.7
},
{
"db": "PULSESECURE",
"id": "SA40202",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1035721",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU93163809",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94844193",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002476",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201605-083",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2109",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136919",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136893",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139379",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140182",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2109"
},
{
"db": "BID",
"id": "87940"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "139379"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
},
{
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"id": "VAR-201605-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43052093714285716
},
"last_update_date": "2024-07-23T20:50:53.695000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht206903"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht206903"
},
{
"title": "HPSBMU03691",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
},
{
"title": "SB10160",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"title": "NV16-015",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv16-015.html"
},
{
"title": "Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016]",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "Harden ASN.1 BIO handling of large amounts of data.",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=c62981390d6cf9e3d612c489b8b77c2913b25807"
},
{
"title": "ASN.1 BIO excessive memory allocation (CVE-2016-2109)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Oracle Linux Bulletin - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"title": "Oracle Linux Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"title": "RHSA-2016:0722",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"title": "RHSA-2016:0996",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"title": "SA40202",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "TLSA-2016-14",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-14j.html"
},
{
"title": "HS16-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs16-023/index.html"
},
{
"title": "OpenSSL ASN.1 BIO Fixes to implement a denial of service vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=61408"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/05/03/openssl_patches/"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162073 - security advisory"
},
{
"title": "Red Hat: CVE-2016-2109",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2109"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2959-1"
},
{
"title": "Debian Security Advisories: DSA-3566-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=055972eb84483959232c972f757685e0"
},
{
"title": "Amazon Linux AMI: ALAS-2016-695",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-695"
},
{
"title": "Tenable Security Advisories: [R5] OpenSSL \u002720160503\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-10"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162957 - security advisory"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-13"
},
{
"title": "Symantec Security Advisories: SA123 : OpenSSL Vulnerabilities 3-May-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=5d65f6765e60e5fe9e6998a5bde1aadc"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=01fd01e3d154696ffabfde89f4142310"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=83bbd91f8369c8f064e6d68dac68400f"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c840629bfabaea20b649ca3c4988587"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=0bd8c924b56aac98dda0f5b45f425f38"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-18"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2109 "
},
{
"title": "alpine-cvecheck",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/redhatsatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2109"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05320149"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/87940"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html"
},
{
"trust": 1.7,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:17.openssl.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2959-1"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2073.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2056.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20160504-0001/"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 1.7,
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa123"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2016/dsa-3566"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1035721"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html"
},
{
"trust": 1.7,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.542103"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=c62981390d6cf9e3d612c489b8b77c2913b25807"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93163809/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94844193/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2109"
},
{
"trust": 0.8,
"url": "http://www.aratana.jp/security/detail.php?id=16"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=c62981390d6cf9e3d612c489b8b77c2913b25807"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330101"
},
{
"trust": 0.3,
"url": "https://git.openssl.org/?p=openssl.git;a=commitdiff;h=c62981390d6cf9e3d612c489b8b77c2913b25807"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2016/may/25"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024078"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024319"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987903"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/hc/en-us/articles/229505687-security-bulletin-multiple-openssl-vulnerabilities-affect-ibm-aspera-shares-1-9-2-or-earlier-%20-ibm-aspera-console-3-0-6-or-earlier"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988007"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984323"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984609"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984794"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986068"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986123"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986152"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986260"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986563"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986564"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986669"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987671"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987968"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988055"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988071"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988189"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988350"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000192"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc"
},
{
"trust": 0.3,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.3,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.3,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2016:2073"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2959-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49332"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-9.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-9.patc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-10.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176\u003e"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20160503.txt\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:17.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4393"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4396"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4537"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4395"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4538"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5385"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4070"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/us/en/product-catalog/detail/pip.344313.html\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4072"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4071"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4394"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4539"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4540"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4342"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-a00006123en_"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-8612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5420"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3627"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5419"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7141"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2109"
},
{
"db": "BID",
"id": "87940"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "139379"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
},
{
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2109"
},
{
"db": "BID",
"id": "87940"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "139379"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
},
{
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2109"
},
{
"date": "2016-04-26T00:00:00",
"db": "BID",
"id": "87940"
},
{
"date": "2016-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"date": "2017-06-05T18:18:00",
"db": "PACKETSTORM",
"id": "142803"
},
{
"date": "2016-05-05T16:11:49",
"db": "PACKETSTORM",
"id": "136919"
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056"
},
{
"date": "2016-05-04T14:53:10",
"db": "PACKETSTORM",
"id": "136912"
},
{
"date": "2016-05-10T17:01:56",
"db": "PACKETSTORM",
"id": "136958"
},
{
"date": "2016-05-03T22:55:47",
"db": "PACKETSTORM",
"id": "136893"
},
{
"date": "2016-10-27T19:22:00",
"db": "PACKETSTORM",
"id": "139379"
},
{
"date": "2017-07-26T17:44:00",
"db": "PACKETSTORM",
"id": "143513"
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958"
},
{
"date": "2016-12-16T16:34:49",
"db": "PACKETSTORM",
"id": "140182"
},
{
"date": "2016-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-083"
},
{
"date": "2016-05-05T01:59:05.357000",
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2109"
},
{
"date": "2017-05-02T01:10:00",
"db": "BID",
"id": "87940"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002476"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-083"
},
{
"date": "2023-11-07T02:30:56.300000",
"db": "NVD",
"id": "CVE-2016-2109"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of ASN.1 BIO Implementation of crypto/asn1/a_d2i_fp.c of asn1_d2i_read_bio Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002476"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-083"
}
],
"trust": 0.6
}
}
VAR-201605-0075
Vulnerability from variot - Updated: 2024-07-23 20:50Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data. OpenSSL is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer.. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. Following product versions are affected: OpenSSL versions 1.0.2 prior to 1.0.2h OpenSSL versions 1.0.1 prior to 1.0.1t. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0996-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0996.html Issue date: 2016-05-10 CVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2842 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2105, CVE-2016-2106)
-
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)
-
Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application. (CVE-2016-0799, CVE-2016-2842)
-
A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.1.src.rpm
i386: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-perl-1.0.1e-48.el6_8.1.i686.rpm openssl-static-1.0.1e-48.el6_8.1.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.1.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.1.src.rpm
i386: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.1.ppc.rpm openssl-1.0.1e-48.el6_8.1.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.1.ppc.rpm openssl-devel-1.0.1e-48.el6_8.1.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.1.s390.rpm openssl-1.0.1e-48.el6_8.1.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.s390x.rpm openssl-devel-1.0.1e-48.el6_8.1.s390.rpm openssl-devel-1.0.1e-48.el6_8.1.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-perl-1.0.1e-48.el6_8.1.i686.rpm openssl-static-1.0.1e-48.el6_8.1.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.1.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.1.ppc64.rpm openssl-static-1.0.1e-48.el6_8.1.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.1.s390x.rpm openssl-perl-1.0.1e-48.el6_8.1.s390x.rpm openssl-static-1.0.1e-48.el6_8.1.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.1.src.rpm
i386: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.1.i686.rpm openssl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.1.i686.rpm openssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm openssl-perl-1.0.1e-48.el6_8.1.i686.rpm openssl-static-1.0.1e-48.el6_8.1.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm openssl-static-1.0.1e-48.el6_8.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0799 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2107 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-2842 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXMXPXXlSAg2UNWIIRAmqpAJ4sxaxPc4fbLjR32h/PW1fxwOZG7ACgtaSz 6dbI0EemYRoHCDagPHSycq4= =g2Zb -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- . Description:
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. (CVE-2016-2108)
-
Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3195)
-
A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. (CVE-2016-2106)
-
It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2016-2109)
-
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash.
The References section of this erratum contains a download link (you must log in to download the update)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0075",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "4.63"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "mysql",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.14"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.10"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.0.0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "node.js",
"scope": "eq",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.0.0"
},
{
"model": "mysql",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "mysql",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.11.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.45"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "mysql",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.4.4"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.0.0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.2.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.11.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.1.2"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle access manager 11.1.1.7"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.x"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.7.12 and earlier"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base version 6"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.0"
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "ip38x/3000",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ip38x/1200",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.4"
},
{
"model": "mysql",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "5.6.30 and earlier"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "netvisorpro 6.1"
},
{
"model": "ip38x/810",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.3"
},
{
"model": "ip38x/n500",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard-r"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "business connect v7.1.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.11 and later"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "ip38x/sr100",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "6.2"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver6.1 to v8.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "ip38x/1210",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "2.x"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- security enhancement"
},
{
"model": "ip38x/3500",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ip38x/fw120",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "opensuse",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "ip38x/5000",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2"
},
{
"model": "fusion middleware",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle access manager 10.1.4.x"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "paging server",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "network performance analytics",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa51x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "network health framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2.1"
},
{
"model": "unified series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "780011.5.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.22"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6(3)"
},
{
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"model": "emergency responder",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "nexus series blade switches 0.9.8zf",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "telepresence isdn link",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"model": "mediasense 9.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.8"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.119"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.8"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "prime collaboration assurance sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "tivoli netcool system service monitors fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.29"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.8"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.20"
},
{
"model": "im and presence service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "ata analog telephone adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1879.2.5"
},
{
"model": "tivoli netcool system service monitors fp15",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.23"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs central 1.5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration deployment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "series ip phones vpn feature",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-11.5.2"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "project openssl 1.0.1t",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"model": "webex recording playback client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p38",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.6"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10.1"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90008.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"model": "10.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa50x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-01"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.24"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.0"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.2"
},
{
"model": "10.2-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-109"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "workload deployer if12",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "unified workforce optimization quality management sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "meetingplace",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.7"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.17"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "webex messenger service ep1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8961"
},
{
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "webex node for mcs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.12.9.8"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.8"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.1.0"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.17"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"model": "netezza platform software 7.2.0.4-p2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.44"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.0"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "connected analytics for collaboration 1.0.1q",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.26"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.0-13"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6.7"
},
{
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.6.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.16"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.4"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "openssh for gpfs for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.31"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.7"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.117"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"model": "globalprotect agent",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.0"
},
{
"model": "netezza platform software 7.1.0.9-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "webex meetings for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "mds series multilayer switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ios software and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.1"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.34"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client hosted t31r1sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.8"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "unified sip proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"model": "spa50x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "netezza platform software",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.17"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "netezza platform software 7.2.0.8-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ata series analog terminal adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.14"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.43"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.0.0"
},
{
"model": "unified communications for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli composite application manager for transactions if03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.18"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "identity services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.16"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.4"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.26"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.14"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.35"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.4"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "qradar siem/qrif/qrm/qvm patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.71"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.36"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "jabber for android mr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "netezza platform software 7.2.0.4-p3",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.22"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "connected grid router-cgos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.30"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.9"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.19"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.10"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "lancope stealthwatch smc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "telepresence server on virtual machine mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60008.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.6"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.2-9"
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70008.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-110"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.15"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-113"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "spa30x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30-12"
},
{
"model": "tivoli netcool system service monitors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"model": "webex meetings client on premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3(1)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "bm security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.12"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.20"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.3"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1)"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.3.0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "spa525g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "algo audit and compliance if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.32"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.26"
},
{
"model": "netezza platform software",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9971"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.1"
},
{
"model": "webex messenger service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "10.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "connected grid router 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.2"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.12"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5:20"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "counter fraud management for safer payments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.31"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.17"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.19"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "packet tracer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "unified wireless ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.27"
},
{
"model": "virtual security gateway vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client on premises",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "10.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa51x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.14"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings for wp8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-108"
},
{
"model": "sterling connect:express for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2.1)"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.18"
},
{
"model": "physical access control gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.36"
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.10"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.41"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.6"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "10.1-release-p30",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netezza platform software 7.2.0.7-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "intelligent automation for cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.9.8"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "edge digital media player 1.6rb4 5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mds series multilayer switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "9.3-release-p36",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.24"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.4.0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"model": "mobility services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.0"
},
{
"model": "edge digital media player",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3401.2.0.20"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.1"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "spa30x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.11"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.34"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.12.2"
},
{
"model": "tivoli netcool system service monitors fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.2"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.4.7"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"model": "spa525g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "9.3-release-p41",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "lancope stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud object store",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "cognos business intelligence fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.12"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security network controller 1.0.3394m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "mq appliance m2001",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "tivoli netcool system service monitors fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "telepresence content server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.4"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.32"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "asa cx and prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.21"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50007.3.1"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.30"
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8945"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1.10000.12)"
},
{
"model": "mq appliance m2000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.3"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.34"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.32"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "10.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.38"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.35"
},
{
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.12"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "10.1-release-p33",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence conductor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.12"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified workforce optimization sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "unified communications manager 10.5 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0(0.400)"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "unified ip phones 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.2.0"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "websphere application server liberty profile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "prime optical for sps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50008.3"
},
{
"model": "10.1-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-04"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.1"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.18"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server ssl gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.6"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.10000.5)"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "tivoli composite application manager for transactions if37",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "prime license manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "netezza platform software 7.2.1.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.8"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "virtual security gateway for microsoft hyper-v vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "connected grid router cgos 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-01"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.3-release-p39",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-114"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "spa232d multi-line dect ata",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.2"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-08"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.21"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "globalprotect agent",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.1"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19.0"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"model": "10.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "10.3-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9951"
},
{
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.12"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netezza platform software 7.2.1.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.1"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.16"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.8"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.4-12"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder 10.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "qradar siem mr2 patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.113"
},
{
"model": "nexus",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "900012.0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7(0)"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79009.4(2)"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.17"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "tivoli netcool system service monitors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"model": "unified series ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "video surveillance media server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9"
},
{
"model": "unified communications manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.28"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.7"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"model": "project openssl 1.0.2h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.33"
},
{
"model": "10.2-release-p16",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "policy suite",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager session management edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.5"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "tivoli provisioning manager for images system edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.20290.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.42"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.1"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.35"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.5"
},
{
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.13900.9)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "89757"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
},
{
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.6.30",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.7.12",
"versionStartIncluding": "5.7.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.11.1",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.12.14",
"versionStartIncluding": "0.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.10.45",
"versionStartIncluding": "0.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.4",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Guido Vranken",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2105",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-2105",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-90924",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-2105",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2105",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-081",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-90924",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90924"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
},
{
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data. OpenSSL is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer.. \nAttackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. \nFollowing product versions are affected:\nOpenSSL versions 1.0.2 prior to 1.0.2h\nOpenSSL versions 1.0.1 prior to 1.0.1t. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:0996-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0996.html\nIssue date: 2016-05-10\nCVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 \n CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 \n CVE-2016-2842 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially crafted\ncertificate which, when verified or re-encoded by OpenSSL, could cause it\nto crash, or execute arbitrary code using the permissions of the user\nrunning an application compiled against the OpenSSL library. \n(CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n* Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. Applications which passed large amounts of\nuntrusted data through these functions could crash or potentially execute\ncode with the permissions of the user running such an application. \n(CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL\u0027s I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could be\nforced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno B\u00f6ck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.1.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.1.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.1.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.1.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.1.ppc.rpm\nopenssl-1.0.1e-48.el6_8.1.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.1.s390.rpm\nopenssl-1.0.1e-48.el6_8.1.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.1.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.1.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.1.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.1.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.1.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0799\nhttps://access.redhat.com/security/cve/CVE-2016-2105\nhttps://access.redhat.com/security/cve/CVE-2016-2106\nhttps://access.redhat.com/security/cve/CVE-2016-2107\nhttps://access.redhat.com/security/cve/CVE-2016-2108\nhttps://access.redhat.com/security/cve/CVE-2016-2109\nhttps://access.redhat.com/security/cve/CVE-2016-2842\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXMXPXXlSAg2UNWIIRAmqpAJ4sxaxPc4fbLjR32h/PW1fxwOZG7ACgtaSz\n6dbI0EemYRoHCDagPHSycq4=\n=g2Zb\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nbsdiff\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in bspatch. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n. Description:\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7. \n\nThis release includes bug fixes and enhancements, as well as a new release\nof OpenSSL that addresses a number of outstanding security flaws. For\nfurther information, see the knowledge base article linked to in the\nReferences section. \n(CVE-2016-2108)\n\n* Multiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode\ndifferently from an HTTP proxy software in front of it, possibly leading to\nHTTP request smuggling attacks. (CVE-2015-3195)\n\n* A flaw was found in the way the TLS protocol composes the Diffie-Hellman\nexchange (for both export and non-export grade cipher suites). An attacker\ncould use this flaw to downgrade a DHE connection to use export-grade key\nsizes, which could then be broken by sufficient pre-computation. This can\nlead to a passive man-in-the-middle attack in which the attacker is able to\ndecrypt all traffic. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). (CVE-2016-2109)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update)",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"db": "BID",
"id": "89757"
},
{
"db": "VULHUB",
"id": "VHN-90924"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-90924",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90924"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2105",
"trust": 3.2
},
{
"db": "BID",
"id": "89757",
"trust": 2.0
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1035721",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10160",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "136912",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU93163809",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94844193",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002472",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-081",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "143513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136895",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138471",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138472",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136893",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136919",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139379",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-90924",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139116",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90924"
},
{
"db": "BID",
"id": "89757"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
},
{
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"id": "VAR-201605-0075",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90924"
}
],
"trust": 0.5305209371428571
},
"last_update_date": "2024-07-23T20:50:28.659000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht206903"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht206903"
},
{
"title": "HPSBMU03691",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
},
{
"title": "SB10160",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"title": "NV16-015",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv16-015.html"
},
{
"title": "Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016]",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "Avoid overflow in EVP_EncodeUpdate",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=5b814481f3573fa9677f3a31ee51322e2a22ee6a"
},
{
"title": "EVP_EncodeUpdate overflow (CVE-2016-2105)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"title": "openSUSE-SU-2016:1566",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2016verbose-2881721.html"
},
{
"title": "Oracle Linux Bulletin - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"title": "Oracle Linux Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"title": "RHSA-2016:0722",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"title": "RHSA-2016:0996",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"title": "SA40202",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"title": "July 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2016_critical_patch_update"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759 "
},
{
"title": "TLSA-2016-14",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-14j.html"
},
{
"title": "HS16-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs16-023/index.html"
},
{
"title": "OpenSSL Fixes for integer overflow vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=61406"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.1
},
{
"problemtype": "CWE-189",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90924"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/89757"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 2.3,
"url": "http://www.debian.org/security/2016/dsa-3566"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 2.0,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2056.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2073.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa123"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05320149"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20160504-0001/"
},
{
"trust": 1.7,
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183457.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183607.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/184605.html"
},
{
"trust": 1.7,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:17.openssl.asc"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1648.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1649.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1650.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1035721"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2959-1"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 1.6,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"trust": 1.6,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.542103"
},
{
"trust": 1.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.0,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=5b814481f3573fa9677f3a31ee51322e2a22ee6a"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93163809/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94844193/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2105"
},
{
"trust": 0.8,
"url": "http://www.aratana.jp/security/detail.php?id=16"
},
{
"trust": 0.7,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=5b814481f3573fa9677f3a31ee51322e2a22ee6a"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2016/may/25"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024319"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987903"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988007"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21982823"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982949"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983514"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983555"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984323"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984609"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984794"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985981"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986068"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986123"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986152"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986260"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986563"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986564"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986669"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987671"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987707"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987968"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988055"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988071"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988189"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988350"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000192"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10759"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10160"
},
{
"trust": 0.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2016\u0026amp;m=slackware-security.542103"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3183"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90924"
},
{
"db": "BID",
"id": "89757"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
},
{
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90924"
},
{
"db": "BID",
"id": "89757"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"db": "PACKETSTORM",
"id": "136958"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
},
{
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-05T00:00:00",
"db": "VULHUB",
"id": "VHN-90924"
},
{
"date": "2016-05-03T00:00:00",
"db": "BID",
"id": "89757"
},
{
"date": "2016-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"date": "2016-05-10T17:01:56",
"db": "PACKETSTORM",
"id": "136958"
},
{
"date": "2016-10-18T13:58:46",
"db": "PACKETSTORM",
"id": "139167"
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958"
},
{
"date": "2016-10-12T23:44:55",
"db": "PACKETSTORM",
"id": "139116"
},
{
"date": "2016-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-081"
},
{
"date": "2016-05-05T01:59:01.200000",
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-90924"
},
{
"date": "2017-05-02T01:10:00",
"db": "BID",
"id": "89757"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002472"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-081"
},
{
"date": "2023-11-07T02:30:55.583000",
"db": "NVD",
"id": "CVE-2016-2105"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of crypto/evp/encode.c of EVP_EncodeUpdate Integer overflow vulnerability in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002472"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-081"
}
],
"trust": 0.6
}
}
VAR-201605-0037
Vulnerability from variot - Updated: 2024-07-23 20:35The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data. OpenSSL is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Following product versions are affected: OpenSSL versions 1.0.2 prior to 1.0.2h OpenSSL versions 1.0.1 prior to 1.0.1t. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03756en_us Version: 1
HPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-06-05 Last Updated: 2017-06-05
Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information.
References:
- CVE-2016-2105 - Remote Denial of Service (DoS)
- CVE-2016-2106 - Remote Denial of Service (DoS)
- CVE-2016-2107 - Remote disclosure of sensitive information
- CVE-2016-2108 - Remote Denial of Service (DoS)
- CVE-2016-2109 - Remote Denial of Service (DoS)
- CVE-2016-2176 - Remote Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- HP Intelligent Management Center (iMC) All versions - Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2105
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2106
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2107
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVE-2016-2108
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-2109
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVE-2016-2176
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates available to resolve the vulnerabilities in the Comware 7, iMC and VCX products running OpenSSL.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P02
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 10500 (Comware 7) - Version: R7184
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5900/5920 (Comware 7) - Version: R2422P02
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR1000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR2000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR3000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR4000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- VSR (Comware 7) - Version: E0324
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7900 (Comware 7) - Version: R2152
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130 (Comware 7) - Version: R3115
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6125XLG - Version: R2422P02
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6127XLG - Version: R2422P02
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- Moonshot - Version: R2432
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5700 (Comware 7) - Version: R2422P02
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5930 (Comware 7) - Version: R2422P02
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 1950 (Comware 7) - Version: R3115
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7500 (Comware 7) - Version: R7184
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5510HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5940 - Version: R2509
- HP Network Products
- JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch
- JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch
- JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch
- JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch
- JH396A HPE FlexFabric 5940 32QSFP+ Switch
- JH397A HPE FlexFabric 5940 2-slot Switch
- JH398A HPE FlexFabric 5940 4-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5950 - Version: R6123
- HP Network Products
- JH321A HPE FlexFabric 5950 32QSFP28 Switch
- JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch
- JH404A HPE FlexFabric 5950 4-slot Switch
- 12900E (Comware 7) - Version: R2609
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
iMC Products
- iNode PC 7.2 (E0410) - Version: 7.2 E0410
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
- iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
VCX Products
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 2 June 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBCAAGBQJZNbF9AAoJELXhAxt7SZaiCmsH/373hRDLNeYxIUxMYvltF6m4 B8gU5WH4mos1K7St+PHPsGdDNop/MxjtLHFEyDkweGUIycA3saZzvf5v8T5BfY3Y ssa38vZUde1mC8RfIUKAcwo0xLqniZ5BU1fpG3bs+8qVafA7gr0i7mMvK+1M19cv dTkbirrP7fQ+2HGNpV3fQlvN3nz0KWI8OWBfFyWtWnYvt1rrzPJyWk08iMsFWUwC gYzNV38AzPPHcB7UeTnbOegL+nC3kM3VkDzhhs2pL15/ZRSlAv6I1tgcuA6YRVhQ wMFX9+LdSuLtDA2idUGgRhTe7lyNApUN0LRJ3nPzIcYXTlRYg3m5fkfmu1Q5KdM= =xlHZ -----END PGP SIGNATURE----- .
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Background
OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-3566-1 security@debian.org https://www.debian.org/security/ Alessandro Ghedini May 03, 2016 https://www.debian.org/security/faq
Package : openssl CVE ID : CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176
Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit. This could lead to a heap corruption. This could lead to a heap corruption.
CVE-2016-2107
Juraj Somorovsky discovered a padding oracle in the AES CBC cipher
implementation based on the AES-NI instruction set. This could allow
an attacker to decrypt TLS traffic encrypted with one of the cipher
suites based on AES CBC.
CVE-2016-2108
David Benjamin from Google discovered that two separate bugs in the
ASN.1 encoder, related to handling of negative zero integer values
and large universal tags, could lead to an out-of-bounds write.
For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- . The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time.
In previous versions of OpenSSL, ASN.1 encoding the value zero represented as a negative integer can cause a buffer underflow with an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does not normally create "negative zeroes" when parsing ASN.1 input, and therefore, an attacker cannot trigger this bug.
However, a second, independent bug revealed that the ASN.1 parser (specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag as a negative zero value. Large universal tags are not present in any common ASN.1 structures (such as X509) but are accepted as part of ANY structures.
Therefore, if an application deserializes untrusted ASN.1 structures containing an ANY field, and later reserializes them, an attacker may be able to trigger an out-of-bounds write. This has been shown to cause memory corruption that is potentially exploitable with some malloc implementations.
Applications that parse and re-encode X509 certificates are known to be vulnerable. Applications that verify RSA signatures on X509 certificates may also be vulnerable; however, only certificates with valid signatures trigger ASN.1 re-encoding and hence the bug. Specifically, since OpenSSL's default TLS X509 chain verification code verifies the certificate chain from root to leaf, TLS handshakes could only be targeted with valid certificates issued by trusted Certification Authorities.
OpenSSL 1.0.2 users should upgrade to 1.0.2c OpenSSL 1.0.1 users should upgrade to 1.0.1o
This vulnerability is a combination of two bugs, neither of which individually has security impact. The first bug (mishandling of negative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala (Red Hat) and independently by Hanno Böck in April 2015. The second issue (mishandling of large universal tags) was found using libFuzzer, and reported on the public issue tracker on March 1st 2016. The fact that these two issues combined present a security vulnerability was reported by David Benjamin (Google) on March 31st 2016. The fixes were developed by Steve Henson of the OpenSSL development team, and David Benjamin. The OpenSSL team would also like to thank Mark Brand and Ian Beer from the Google Project Zero team for their careful analysis of the impact.
The fix for the "negative zero" memory corruption bug can be identified by commits
3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2) and 32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1)
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
Severity: High
A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server support AES-NI.
This issue was introduced as part of the fix for Lucky 13 padding attack (CVE-2013-0169). The padding check was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 13th of April 2016 by Juraj Somorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx of the OpenSSL development team.
EVP_EncodeUpdate overflow (CVE-2016-2105)
Severity: Low
An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption.
Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the PEM_write_bio family of functions. These are mainly used within the OpenSSL command line applications. These internal uses are not considered vulnerable because all calls are bounded with length checks so no overflow is possible. User applications that call these APIs directly with large amounts of untrusted data may be vulnerable. (Note: Initial analysis suggested that the PEM_write_bio were vulnerable, and this is reflected in the patch commit message. This is no longer believed to be the case).
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
EVP_EncryptUpdate overflow (CVE-2016-2106)
Severity: Low
An overflow can occur in the EVP_EncryptUpdate() function. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption. Following an analysis of all OpenSSL internal usage of the EVP_EncryptUpdate() function all usage is one of two forms. The first form is where the EVP_EncryptUpdate() call is known to be the first called function after an EVP_EncryptInit(), and therefore that specific call must be safe. The second form is where the length passed to EVP_EncryptUpdate() can be seen from the code to be some small value and therefore there is no possibility of an overflow. Since all instances are one of these two forms, it is believed that there can be no overflows in internal code due to this problem. It should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths. Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances of these calls have also been analysed too and it is believed there are no instances in internal usage where an overflow could occur.
This could still represent a security issue for end user code that calls this function directly.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
ASN.1 BIO excessive memory allocation (CVE-2016-2109)
Severity: Low
When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory.
Any application parsing untrusted data through d2i BIO functions is affected. The memory based functions such as d2i_X509() are not affected. Since the memory based functions are used by the TLS library, TLS applications are not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. The fix was developed by Stephen Henson of the OpenSSL development team.
EBCDIC overread (CVE-2016-2176)
Severity: Low
ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160503.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0037",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "commerce guided search / oracle commerce experience manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux)"
},
{
"model": "commerce guided search / oracle commerce experience manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.3.0"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "ip38x/3000",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "6.2"
},
{
"model": "ip38x/3500",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ip38x/fw120",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "ip38x/1200",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.3"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.4"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver6.1 to v8.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "netvisorpro 6.1"
},
{
"model": "ip38x/810",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.3"
},
{
"model": "ip38x/n500",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "15.x"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "commerce guided search / oracle commerce experience manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "ip38x/1210",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "16.x"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "12.1.3"
},
{
"model": "commerce guided search / oracle commerce experience manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "commerce guided search / oracle commerce experience manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "business connect v7.1.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.11 and later"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "ip38x/5000",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.0"
},
{
"model": "ip38x/sr100",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "commerce guided search / oracle commerce experience manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.5.0"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "paging server",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "network performance analytics",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "spa51x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "network health framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2.1"
},
{
"model": "unified series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "780011.5.2"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.2"
},
{
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6(3)"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "emergency responder",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.6.0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "nexus series blade switches 0.9.8zf",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "telepresence isdn link",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.6"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.216"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "mediasense 9.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.35"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.119"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "aspera shares",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.6"
},
{
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.8"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "prime collaboration assurance sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "tivoli netcool system service monitors fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "cognos insight fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "im and presence service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "ata analog telephone adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1879.2.5"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.15"
},
{
"model": "tivoli netcool system service monitors fp15",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs central 1.5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration deployment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "series ip phones vpn feature",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-11.5.2"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "project openssl 1.0.1t",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "webex recording playback client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p38",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10.1"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90008.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"model": "10.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa50x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-01"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"model": "10.2-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-109"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "buildforge",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"model": "unified workforce optimization quality management sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "meetingplace",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.7"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex messenger service ep1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8961"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.1"
},
{
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "webex node for mcs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.12.9.8"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.8"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12150-12"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.17"
},
{
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.36"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.8"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "aspera console",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.3"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected analytics for collaboration 1.0.1q",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.7"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.34"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.0-13"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6.7"
},
{
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.6.1"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.4"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.7.0"
},
{
"model": "openssh for gpfs for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.31"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.7"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.117"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"model": "globalprotect agent",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.0"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "webex meetings for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5.0"
},
{
"model": "mds series multilayer switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "flex system fc3171 8gb san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"model": "ios software and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.1"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.6"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client hosted t31r1sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.8"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "unified sip proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.3"
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa50x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "ata series analog terminal adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "unified communications for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli composite application manager for transactions if03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "identity services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.4"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "jabber for android mr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.12"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "connected grid router-cgos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "lancope stealthwatch smc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "telepresence server on virtual machine mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60008.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.2-9"
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70008.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-110"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-113"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "spa30x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30-12"
},
{
"model": "webex meetings client on premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"model": "cognos tm1 fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3(1)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.12"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.3"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1)"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "algo audit and compliance if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.32"
},
{
"model": "spa525g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.1"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9971"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.1"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.2"
},
{
"model": "webex messenger service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "10.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"model": "rational tau interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.2"
},
{
"model": "connected grid router 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5:20"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "counter fraud management for safer payments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.17"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.0"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "packet tracer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "unified wireless ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "virtual security gateway vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.0"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "webex meetings client on premises",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "10.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa51x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings for wp8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-108"
},
{
"model": "sterling connect:express for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2.1)"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1"
},
{
"model": "physical access control gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.10"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.41"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "10.1-release-p30",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "intelligent automation for cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.9.8"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "edge digital media player 1.6rb4 5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mds series multilayer switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "9.3-release-p36",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "mobility services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "edge digital media player",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3401.2.0.20"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa30x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.12.2"
},
{
"model": "tivoli netcool system service monitors fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.2"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.4.7"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spa525g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.1"
},
{
"model": "9.3-release-p41",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "flex system fc3171 8gb san switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"model": "lancope stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud object store",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "cognos business intelligence fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.12"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "tivoli netcool system service monitors fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "telepresence content server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.4"
},
{
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "asa cx and prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.21"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50007.3.1"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8945"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1.10000.12)"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.3"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "10.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.9"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "10.1-release-p33",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence conductor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager 10.5 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.4"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0(0.400)"
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "unified ip phones 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.6"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "websphere application server liberty profile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "prime optical for sps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.4"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50008.3"
},
{
"model": "10.1-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-04"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.2"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server ssl gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.10000.5)"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"model": "tivoli composite application manager for transactions if37",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "prime license manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.8"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "virtual security gateway for microsoft hyper-v vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "connected grid router cgos 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-01"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.3-release-p39",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-114"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"model": "spa232d multi-line dect ata",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.2"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-08"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.21"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "globalprotect agent",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.1"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19.0"
},
{
"model": "10.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9951"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "10.3-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.12"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.17"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.4-12"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder 10.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nexus",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "900012.0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7(0)"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.32"
},
{
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79009.4(2)"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.17"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"model": "unified series ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "video surveillance media server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9"
},
{
"model": "unified communications manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.5"
},
{
"model": "10.2-release-p16",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.2h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "policy suite",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager session management edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.5"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "tivoli provisioning manager for images system edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.20290.1"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12150-13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.33"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.1"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.126"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.13900.9)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "89746"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1s",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Guido Vranken",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2176",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2176",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.2,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-2176",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2176",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-084",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2176",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data. OpenSSL is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. \nFollowing product versions are affected:\nOpenSSL versions 1.0.2 prior to 1.0.2h\nOpenSSL versions 1.0.1 prior to 1.0.1t. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03756en_us\nVersion: 1\n\nHPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX\nrunning OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-06-05\nLast Updated: 2017-06-05\n\nPotential Security Impact: Remote: Denial of Service (DoS), Disclosure of\nSensitive Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities with OpenSSL have been addressed for HPE\nnetwork products including Comware 7, iMC, and VCX. The vulnerabilities could\nbe remotely exploited resulting in Denial of Service (DoS) or disclosure of\nsensitive information. \n\nReferences:\n\n - CVE-2016-2105 - Remote Denial of Service (DoS)\n - CVE-2016-2106 - Remote Denial of Service (DoS)\n - CVE-2016-2107 - Remote disclosure of sensitive information\n - CVE-2016-2108 - Remote Denial of Service (DoS)\n - CVE-2016-2109 - Remote Denial of Service (DoS)\n - CVE-2016-2176 - Remote Denial of Service (DoS)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - VCX Products All versions - Please refer to the RESOLUTION below for a\nlist of updated products. \n - Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - HP Intelligent Management Center (iMC) All versions - Please refer to the\nRESOLUTION below for a list of updated products. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2105\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2106\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2107\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n CVE-2016-2108\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-2109\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\n CVE-2016-2176\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\n 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates available to resolve the\nvulnerabilities in the Comware 7, iMC and VCX products running OpenSSL. \n\n**COMWARE 7 Products**\n\n + 12500 (Comware 7) - Version: R7377P02\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 10500 (Comware 7) - Version: R7184\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5900/5920 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR1000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR2000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR3000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR4000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + VSR (Comware 7) - Version: E0324\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7900 (Comware 7) - Version: R2152\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130 (Comware 7) - Version: R3115\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6125XLG - Version: R2422P02\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6127XLG - Version: R2422P02\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + Moonshot - Version: R2432\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5700 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5930 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 1950 (Comware 7) - Version: R3115\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7500 (Comware 7) - Version: R7184\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5510HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5940 - Version: R2509\n * HP Network Products\n - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch\n - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch\n - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch\n - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch\n - JH396A HPE FlexFabric 5940 32QSFP+ Switch\n - JH397A HPE FlexFabric 5940 2-slot Switch\n - JH398A HPE FlexFabric 5940 4-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5950 - Version: R6123\n * HP Network Products\n - JH321A HPE FlexFabric 5950 32QSFP28 Switch\n - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch\n - JH404A HPE FlexFabric 5950 4-slot Switch\n + 12900E (Comware 7) - Version: R2609\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**iMC Products**\n\n + iNode PC 7.2 (E0410) - Version: 7.2 E0410\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n + iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**VCX Products**\n\n + VCX - Version: 9.8.19\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 2 June 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQEcBAEBCAAGBQJZNbF9AAoJELXhAxt7SZaiCmsH/373hRDLNeYxIUxMYvltF6m4\nB8gU5WH4mos1K7St+PHPsGdDNop/MxjtLHFEyDkweGUIycA3saZzvf5v8T5BfY3Y\nssa38vZUde1mC8RfIUKAcwo0xLqniZ5BU1fpG3bs+8qVafA7gr0i7mMvK+1M19cv\ndTkbirrP7fQ+2HGNpV3fQlvN3nz0KWI8OWBfFyWtWnYvt1rrzPJyWk08iMsFWUwC\ngYzNV38AzPPHcB7UeTnbOegL+nC3kM3VkDzhhs2pL15/ZRSlAv6I1tgcuA6YRVhQ\nwMFX9+LdSuLtDA2idUGgRhTe7lyNApUN0LRJ3nPzIcYXTlRYg3m5fkfmu1Q5KdM=\n=xlHZ\n-----END PGP SIGNATURE-----\n. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nBackground\n==========\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general\npurpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. Additionally, a time based side-channel\nattack may allow a local attacker to recover a private DSA key. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3566-1 security@debian.org\nhttps://www.debian.org/security/ Alessandro Ghedini\nMay 03, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 \n CVE-2016-2109 CVE-2016-2176\n\nSeveral vulnerabilities were discovered in OpenSSL, a Secure Socket Layer\ntoolkit. This could lead to a heap corruption. \n This could lead to a heap corruption. \n\nCVE-2016-2107\n\n Juraj Somorovsky discovered a padding oracle in the AES CBC cipher\n implementation based on the AES-NI instruction set. This could allow\n an attacker to decrypt TLS traffic encrypted with one of the cipher\n suites based on AES CBC. \n\nCVE-2016-2108\n\n David Benjamin from Google discovered that two separate bugs in the\n ASN.1 encoder, related to handling of negative zero integer values\n and large universal tags, could lead to an out-of-bounds write. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2h-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nbsdiff\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in bspatch. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n. The bug\ncausing the vulnerability was fixed on April 18th 2015, and released\nas part of the June 11th 2015 security releases. The security impact\nof the bug was not known at the time. \n\nIn previous versions of OpenSSL, ASN.1 encoding the value zero\nrepresented as a negative integer can cause a buffer underflow\nwith an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does\nnot normally create \"negative zeroes\" when parsing ASN.1 input, and\ntherefore, an attacker cannot trigger this bug. \n\nHowever, a second, independent bug revealed that the ASN.1 parser\n(specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag\nas a negative zero value. Large universal tags are not present in any\ncommon ASN.1 structures (such as X509) but are accepted as part of ANY\nstructures. \n\nTherefore, if an application deserializes untrusted ASN.1 structures\ncontaining an ANY field, and later reserializes them, an attacker may\nbe able to trigger an out-of-bounds write. This has been shown to\ncause memory corruption that is potentially exploitable with some\nmalloc implementations. \n\nApplications that parse and re-encode X509 certificates are known to\nbe vulnerable. Applications that verify RSA signatures on X509\ncertificates may also be vulnerable; however, only certificates with\nvalid signatures trigger ASN.1 re-encoding and hence the\nbug. Specifically, since OpenSSL\u0027s default TLS X509 chain verification\ncode verifies the certificate chain from root to leaf, TLS handshakes\ncould only be targeted with valid certificates issued by trusted\nCertification Authorities. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2c\nOpenSSL 1.0.1 users should upgrade to 1.0.1o\n\nThis vulnerability is a combination of two bugs, neither of which\nindividually has security impact. The first bug (mishandling of\nnegative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala\n(Red Hat) and independently by Hanno B\u00f6ck in April 2015. The second\nissue (mishandling of large universal tags) was found using libFuzzer,\nand reported on the public issue tracker on March 1st 2016. The fact\nthat these two issues combined present a security vulnerability was\nreported by David Benjamin (Google) on March 31st 2016. The fixes were\ndeveloped by Steve Henson of the OpenSSL development team, and David\nBenjamin. The OpenSSL team would also like to thank Mark Brand and\nIan Beer from the Google Project Zero team for their careful analysis\nof the impact. \n\nThe fix for the \"negative zero\" memory corruption bug can be\nidentified by commits\n\n3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2)\nand\n32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1)\n\nPadding oracle in AES-NI CBC MAC check (CVE-2016-2107)\n======================================================\n\nSeverity: High\n\nA MITM attacker can use a padding oracle attack to decrypt traffic\nwhen the connection uses an AES CBC cipher and the server support\nAES-NI. \n\nThis issue was introduced as part of the fix for Lucky 13 padding\nattack (CVE-2013-0169). The padding check was rewritten to be in\nconstant time by making sure that always the same bytes are read and\ncompared against either the MAC or padding bytes. But it no longer\nchecked that there was enough data to have both the MAC and padding\nbytes. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 13th of April 2016 by Juraj\nSomorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx\nof the OpenSSL development team. \n\nEVP_EncodeUpdate overflow (CVE-2016-2105)\n=========================================\n\nSeverity: Low\n\nAn overflow can occur in the EVP_EncodeUpdate() function which is used for\nBase64 encoding of binary data. If an attacker is able to supply very large\namounts of input data then a length check can overflow resulting in a heap\ncorruption. \n\nInternally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the\nPEM_write_bio* family of functions. These are mainly used within the OpenSSL\ncommand line applications. These internal uses are not considered vulnerable\nbecause all calls are bounded with length checks so no overflow is possible. \nUser applications that call these APIs directly with large amounts of untrusted\ndata may be vulnerable. (Note: Initial analysis suggested that the\nPEM_write_bio* were vulnerable, and this is reflected in the patch commit\nmessage. This is no longer believed to be the case). \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nEVP_EncryptUpdate overflow (CVE-2016-2106)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in the EVP_EncryptUpdate() function. If an attacker is\nable to supply very large amounts of input data after a previous call to\nEVP_EncryptUpdate() with a partial block then a length check can overflow\nresulting in a heap corruption. Following an analysis of all OpenSSL internal\nusage of the EVP_EncryptUpdate() function all usage is one of two forms. \nThe first form is where the EVP_EncryptUpdate() call is known to be the first\ncalled function after an EVP_EncryptInit(), and therefore that specific call\nmust be safe. The second form is where the length passed to EVP_EncryptUpdate()\ncan be seen from the code to be some small value and therefore there is no\npossibility of an overflow. Since all instances are one of these two forms, it\nis believed that there can be no overflows in internal code due to this problem. \nIt should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in\ncertain code paths. Also EVP_CipherUpdate() is a synonym for\nEVP_EncryptUpdate(). All instances of these calls have also been analysed too\nand it is believed there are no instances in internal usage where an overflow\ncould occur. \n\nThis could still represent a security issue for end user code that calls this\nfunction directly. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nASN.1 BIO excessive memory allocation (CVE-2016-2109)\n=====================================================\n\nSeverity: Low\n\nWhen ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()\na short invalid encoding can casuse allocation of large amounts of memory\npotentially consuming excessive resources or exhausting memory. \n\nAny application parsing untrusted data through d2i BIO functions is affected. \nThe memory based functions such as d2i_X509() are *not* affected. Since the\nmemory based functions are used by the TLS library, TLS applications are not\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. \nThe fix was developed by Stephen Henson of the OpenSSL development team. \n\nEBCDIC overread (CVE-2016-2176)\n===============================\n\nSeverity: Low\n\nASN1 Strings that are over 1024 bytes can cause an overread in applications\nusing the X509_NAME_oneline() function on EBCDIC systems. This could result in\narbitrary stack data being returned in the buffer. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160503.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2176"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"db": "BID",
"id": "89746"
},
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "169652"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2176",
"trust": 3.4
},
{
"db": "BID",
"id": "89746",
"trust": 2.0
},
{
"db": "PULSESECURE",
"id": "SA40202",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1035721",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10160",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "136912",
"trust": 1.7
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU93163809",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94844193",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002477",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2176",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136893",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169652",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "BID",
"id": "89746"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"id": "VAR-201605-0037",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4305209371428571
},
"last_update_date": "2024-07-23T20:35:57.230000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht206903"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht206903"
},
{
"title": "SB10160",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"title": "NV16-015",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv16-015.html"
},
{
"title": "Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016]",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "Prevent EBCDIC overread for very long strings",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=2919516136a4227d9e6d8f2fe66ef976aaf8c561"
},
{
"title": "EBCDIC overread (CVE-2016-2176)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - October 2016 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016verbose-2881725.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"title": "SA40202",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"title": "October 2016 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/october_2016_critical_patch_update"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759\u0026actp=search"
},
{
"title": "TLSA-2016-14",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-14j.html"
},
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=61409"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/05/03/openssl_patches/"
},
{
"title": "Red Hat: CVE-2016-2176",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2176"
},
{
"title": "Tenable Security Advisories: [R5] OpenSSL \u002720160503\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-10"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-13"
},
{
"title": "Symantec Security Advisories: SA123 : OpenSSL Vulnerabilities 3-May-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=5d65f6765e60e5fe9e6998a5bde1aadc"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=01fd01e3d154696ffabfde89f4142310"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-18"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2176 "
},
{
"title": "alpine-cvecheck",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/89746"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.7,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.542103"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1035721"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa123"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20160504-0001/"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=2919516136a4227d9e6d8f2fe66ef976aaf8c561"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93163809/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94844193/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2176"
},
{
"trust": 0.8,
"url": "http://www.aratana.jp/security/detail.php?id=16"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=2919516136a4227d9e6d8f2fe66ef976aaf8c561"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2016/may/25"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024078"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099429"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/hc/en-us/articles/229505687-security-bulletin-multiple-openssl-vulnerabilities-affect-ibm-aspera-shares-1-9-2-or-earlier-%20-ibm-aspera-console-3-0-6-or-earlier"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984323"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984794"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986123"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986313"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986460"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986563"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986564"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986669"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21987174"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987175"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987671"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988055"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988071"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988081"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988350"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989958"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992894"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000192"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49332"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-a00006123en_"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "BID",
"id": "89746"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"db": "BID",
"id": "89746"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"date": "2016-05-03T00:00:00",
"db": "BID",
"id": "89746"
},
{
"date": "2016-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"date": "2017-06-05T18:18:00",
"db": "PACKETSTORM",
"id": "142803"
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056"
},
{
"date": "2016-05-03T22:55:47",
"db": "PACKETSTORM",
"id": "136893"
},
{
"date": "2017-07-26T17:44:00",
"db": "PACKETSTORM",
"id": "143513"
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958"
},
{
"date": "2016-05-03T12:12:12",
"db": "PACKETSTORM",
"id": "169652"
},
{
"date": "2016-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"date": "2016-05-05T01:59:06.340000",
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2176"
},
{
"date": "2017-05-02T01:10:00",
"db": "BID",
"id": "89746"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002477"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-084"
},
{
"date": "2023-11-07T02:31:01.193000",
"db": "NVD",
"id": "CVE-2016-2176"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of crypto/x509/x509_obj.c of X509_NAME_oneline Vulnerability in function that can retrieve important information from process stack memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002477"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-084"
}
],
"trust": 0.6
}
}
VAR-201403-0514
Vulnerability from variot - Updated: 2024-07-23 20:28The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. OpenSSL is prone to an information-disclosure weakness. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-14:06.openssl Security Advisory The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib Module: openssl Announced: 2014-04-08 Affects: All supported versions of FreeBSD. Corrected: 2014-04-08 18:27:39 UTC (stable/10, 10.0-STABLE) 2014-04-08 18:27:46 UTC (releng/10.0, 10.0-RELEASE-p1) 2014-04-08 23:16:19 UTC (stable/9, 9.2-STABLE) 2014-04-08 23:16:05 UTC (releng/9.2, 9.2-RELEASE-p4) 2014-04-08 23:16:05 UTC (releng/9.1, 9.1-RELEASE-p11) 2014-04-08 23:16:19 UTC (stable/8, 8.4-STABLE) 2014-04-08 23:16:05 UTC (releng/8.4, 8.4-RELEASE-p8) 2014-04-08 23:16:05 UTC (releng/8.3, 8.3-RELEASE-p15) CVE Name: CVE-2014-0076, CVE-2014-0160
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision History
v1.0 2014-04-08 Initial release. v1.1 2014-04-08 Added patch applying step in Solutions section.
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
The Heartbeat Extension provides a new protocol for TLS/DTLS allowing the usage of keep-alive functionality without performing a renegotiation and a basis for path MTU (PMTU) discovery for DTLS.
Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the Digital Signature Algorithm (DSA) which uses Elliptic Curve Cryptography. OpenSSL uses the Montgomery Ladder Approach to compute scalar multiplication in a fixed amount of time, which does not leak any information through timing or power.
II. Problem Description
The code used to handle the Heartbeat Extension does not do sufficient boundary checks on record length, which allows reading beyond the actual payload. [CVE-2014-0160]. Affects FreeBSD 10.0 only.
A flaw in the implementation of Montgomery Ladder Approach would create a side-channel that leaks sensitive timing information. [CVE-2014-0076]
III. Impact
An attacker who can send a specifically crafted packet to TLS server or client with an established connection can reveal up to 64k of memory of the remote system. Such memory might contain sensitive information, including key material, protected content, etc. which could be directly useful, or might be leveraged to obtain elevated privileges. [CVE-2014-0160]
A local attacker might be able to snoop a signing process and might recover the signing key from it. [CVE-2014-0076]
IV. Workaround
No workaround is available, but systems that do not use OpenSSL to implement the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols implementation and do not use the ECDSA implementation from OpenSSL are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 8.x and FreeBSD 9.x]
fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch
fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch.asc
gpg --verify openssl.patch.asc
[FreeBSD 10.0]
fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch
fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch.asc
gpg --verify openssl-10.patch.asc
b) Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
Recompile the operating system using buildworld and installworld as described in .
Restart all deamons using the library, or reboot the system.
3) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
IMPORTANT: the update procedure above does not update OpenSSL from the Ports Collection or from a package, known as security/openssl, which has to be updated separately via ports or package.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r264285 releng/8.3/ r264284 releng/8.4/ r264284 stable/9/ r264285 releng/9.1/ r264284 releng/9.2/ r264284 stable/10/ r264266 releng/10.0/ r264267
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD)
iQIcBAEBCgAGBQJTRJySAAoJEO1n7NZdz2rnzPcQALd6So7vDRBaYiaGwQjc55oI QwTnNzkkgxVTGwi8lDV6h8bIW3Ga8AhMGoZCVOeKbDABBDghVYe6Na5e/wsHbPPu tXmDRhoi2aV0sVCTFfpoCNJ8l2lb+5vnmEC6Oi3PMQDbRC+Ptg15o0W/2hXw0eKO yu4BhS4dl6lX7IvlR1n4sr0rfa8vwxe5OpUUd6Bzw0SUBmV+BTzq1C70FuOZ/hnD ThaZS8Ox3fcWuPylhPbhxnWqg0oVNkBpiRYpIBadrpl9EiRRzbTfF+uFvauR9tBN 1mK8lLwd7DK6x8iCSnDd2ZlN1rNn8EPsGohT4vP+szz2E2YP1x8ugihEBdYax+Dh Z4TWkm3/wJwEf00G32E1hZ8F+UavE8AmnGVk6gxiRpnv2sdNJYRlWd9O8u251qMq uzcmBX6Jr14dQCwlqof8pYKYV7VCE/Cu4JHThOCL042CLwUmXyJVMFzm6WPQlNjC dlPbSG+PXjninPjcYBoMR+863X35Guv0pJBNG/ofEh+Jy5MveaMRQX/mA+wy29zm qg74lM07adXkJujPAuA5dYjZivpW1NPOHeIjaYjaI6KDw2q3BlkGa2C3PeYDQxn4 Iqujqpem5nyQY4BO2XC8gVtuym0jDSA98bgFXumNDkmzlUUuOFOWD8YScLopOzOu EpUXgezogk1Rd3EVsaJ+ =UBO0 -----END PGP SIGNATURE----- . OpenSSL Security Advisory [05 Jun 2014] ========================================
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client and server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
Only applications using OpenSSL as a DTLS client are affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server.
Only applications using OpenSSL as a DTLS client or server affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
A flaw in the do_ssl3_write function can allow remote attackers to cause a denial of service via a NULL pointer dereference. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
A race condition in the ssl3_read_bytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time. The following Common Vulnerabilities and Exposures project ids identify them:
CVE-2010-5298
A read buffer can be freed even when it still contains data that is
used later on, leading to a use-after-free.
CVE-2014-0076
ECDSA nonces can be recovered through the Yarom/Benger FLUSH+RELOAD
cache side-channel attack.
A third issue, with no CVE id, is the missing detection of the "critical" flag for the TSA extended key usage under certain cases.
Additionally, this update checks for more services that might need to be restarted after upgrades of libssl, corrects the detection of apache2 and postgresql, and adds support for the 'libraries/restart-without-asking' debconf configuration. This allows services to be restarted on upgrade without prompting.
The oldstable distribution (squeeze) is not affected by CVE-2010-5298 and it might be updated at a later time to address the remaining vulnerabilities.
For the testing distribution (jessie), these problems will be fixed soon. The updates are available from the following location using ftp:
ftp://srt03046:Secure12@ftp.usa.hp.com
User name: srt03046 Password: Secure12 ( NOTE: Case sensitive)
HP-UX Release HP-UX OpenSSL version
B.11.11 (11i v1) A.00.09.08za.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2) A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08za or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment (CVE-2014-0195).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566).
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572).
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205).
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import (CVE-2015-0209).
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security.
HP Systems Insight Manager v7.3 Hotfix kit HP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager v7.2 Hotfix kit is currently unavailable, but will be released at a later date.
http://h18013.www1.hp.com/products/servers/management/hpsim/download.html
NOTE: No reboot of the system is required after applying the HP SIM Hotfix kit. HP System Management Homepage versions 7.3.2 and earlier for Linux and Windows. HP System Management Homepage v7.2.4.1 is available for Windows 2003 only.
HP System Management Homepage v7.2.4.1 for Windows x86: http://www.hp.com/swpublishing/MTX-d775367b0a28449ca05660778b ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98702
HP System Management Homepage v7.2.4.1 for Windows x64: http://www.hp.com/swpublishing/MTX-3a7aa5e233904ebe847a5e1555 ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98704
HP System Management Homepage v7.3.3.1 for Windows x86: http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98696
HP System Management Homepage v7.3.3.1 for Windows x64: http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98698
HP System Management Homepage v7.3.3.1 for Linux x86: http://www.hp.com/swpublishing/MTX-511c3e0b2f6f4f6bbc796fc619 ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1980463820/v98694
HP System Management Homepage v7.3.3.1 for Linux x64: http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1507410135/v98693
NOTE: HP System Management Homepage v7.3.3.1 for Linux x86 still contains OpenSSL v1.0.0d. As long as all other products which SMH V7.3.3.1 for Linux x86 communicates with have been upgraded to the latest versions, it will not be vulnerable to the exploits described in CVE-2014-0224.
Release Date: 2014-07-23 Last Updated: 2014-07-23
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Insight Control server migration running on Linux and Windows which could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101647
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server migration v7.2.2, v7.3, v7.3.1, and v7.3.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.2 of HP Insight Control server migration to resolve these vulnerabilities by upgrading to version 7.3.3. Please note that version 7.3.3 of HP Insight Control server migration is included on the HP Insight Management 7.3 Update 2 DVD.
HP has provided the installation binaries for download from the following web site by using the Receive for free option:
http://h18013.www1.hp.com/products/servers/management/fpdownload.html
Customers using HP Insight Control server migration v7.2.2 must first upgrade from v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then upgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD.
Customers running HP Insight Control server migration v7.3, v7.3.1, or v7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to complete the upgrade.
For more information on the upgrade process, please refer to the HP Insight Management Installation and Upgrade Guide and Release notes, which are available at the following location:
http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind ex.aspx?cat=insightmanagement
NOTE: The upgrade paths described above update the entire HP Insight Control software stack. To upgrade HP Insight Control server migration only, complete the following steps:
Copy "hpsmp.exe" to the local machine from the HP Insight Management v7.3.0 Update 2 DVD ISO. Create batch file with the following commands: @echo off hpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch Copy the batch file to the folder where "hpsmp.exe" normally resides on the target system. Double click on the batch file. The HP Insight Control server migration installation starts in a command prompt. The command prompt closes when the installation finishes. After the installation completes it creates a log file (ICmigr.log) and an output file (ICmigroutput.xml) on the target system. Do not close or click on the command prompt while the process is completing. Do not run the command prompt in the background.
HISTORY Version:1 (rev.1) - 23 July 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
OS X Mavericks 10.9.5 and Security Update 2014-004 are now available and address the following:
apache_mod_php Available for: OS X Mavericks 10.9 to 10.9.4 Impact: Multiple vulnerabilities in PHP 5.4.24 Description: Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30 CVE-ID CVE-2013-7345 CVE-2014-0185 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-1943 CVE-2014-2270 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3981 CVE-2014-4049
Bluetooth Available for: OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the handling of a Bluetooth API call. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4390 : Ian Beer of Google Project Zero
CoreGraphics Available for: OS X Mavericks 10.9 to 10.9.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or an information disclosure Description: An out of bounds memory read existed in the handling of PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4378 : Felipe Andres Manzano of Binamuse VRT working with the iSIGHT Partners GVP Program
CoreGraphics Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4377 : Felipe Andres Manzano of Binamuse VRT working with the iSIGHT Partners GVP Program
Foundation Available for: OS X Mavericks 10.9 to 10.9.4 Impact: An application using NSXMLParser may be misused to disclose information Description: An XML External Entity issue existed in NSXMLParser's handling of XML. This issue was addressed by not loading external entities across origins. CVE-ID CVE-2014-4374 : George Gal of VSR (http://www.vsecurity.com/)
Intel Graphics Driver Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Compiling untrusted GLSL shaders may lead to an unexpected application termination or arbitrary code execution Description: A user-space buffer overflow existed in the shader compiler. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4393 : Apple
Intel Graphics Driver Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking. CVE-ID CVE-2014-4394 : Ian Beer of Google Project Zero CVE-2014-4395 : Ian Beer of Google Project Zero CVE-2014-4396 : Ian Beer of Google Project Zero CVE-2014-4397 : Ian Beer of Google Project Zero CVE-2014-4398 : Ian Beer of Google Project Zero CVE-2014-4399 : Ian Beer of Google Project Zero CVE-2014-4400 : Ian Beer of Google Project Zero CVE-2014-4401 : Ian Beer of Google Project Zero CVE-2014-4416 : Ian Beer of Google Project Zero
IOAcceleratorFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in the handling of IOKit API arguments. This issue was addressed through improved validation of IOKit API arguments. CVE-ID CVE-2014-4376 : Ian Beer of Google Project Zero
IOAcceleratorFamily Available for: OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds read issue existed in the handling of an IOAcceleratorFamily function. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4402 : Ian Beer of Google Project Zero
IOHIDFamily Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A local user can read kernel pointers, which can be used to bypass kernel address space layout randomization Description: An out-of-bounds read issue existed in the handling of an IOHIDFamily function. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4379 : Ian Beer of Google Project Zero
IOKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata. CVE-ID CVE-2014-4388 : @PanguTeam
IOKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4389 : Ian Beer of Google Project Zero
Kernel Available for: OS X Mavericks 10.9 to 10.9.4 Impact: A local user can infer kernel addresses and bypass kernel address space layout randomization Description: In some cases, the CPU Global Descriptor Table was allocated at a predictable address. This issue was addressed through always allocating the Global Descriptor Table at random addresses. CVE-ID CVE-2014-4403 : Ian Beer of Google Project Zero
Libnotify Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: A malicious application may be able to execute arbitrary code with root privileges Description: An out-of-bounds write issue existed in Libnotify. This issue was addressed through improved bounds checking CVE-ID CVE-2014-4381 : Ian Beer of Google Project Zero
OpenSSL Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Multiple vulnerabilities in OpenSSL 0.9.8y, including one that may lead to arbitrary code execution Description: Multiple vulnerabilities existed in OpenSSL 0.9.8y. This update was addressed by updating OpenSSL to version 0.9.8za. CVE-ID CVE-2014-0076 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470
QT Media Foundation Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of RLE encoded movie files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1391 : Fernando Munoz working with iDefense VCP, Tom Gallagher & Paul Bates working with HP's Zero Day Initiative
QT Media Foundation Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Playing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of MIDI files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4350 : s3tm3m working with HP's Zero Day Initiative
QT Media Foundation Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of the 'mvhd' atoms. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4979 : Andrea Micalizzi aka rgod working with HP's Zero Day Initiative
ruby Available for: OS X Mavericks 10.9 to 10.9.4 Impact: A remote attacker may be able to cause arbitrary code execution Description: A heap buffer overflow existed in LibYAML's handling of percent-encoded characters in a URI. This issue was addressed through improved bounds checking. This update addresses the issues by updating LibYAML to version 0.1.6 CVE-ID CVE-2014-2525
Note: OS X Mavericks 10.9.5 includes the security content of Safari 7.0.6: http://support.apple.com/kb/HT6367
OS X Mavericks v10.9.5 and Security Update 2014-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJUGkP0AAoJEBcWfLTuOo7tygQP/1vHYXtWy6492Tjj6ycymWa+ Ct0eCCBU/AUi5ODNDeV9ddWkuFeXKbgQSHoPU19IPcIBAKnYUupVJSJ/cEHfSthh CiROjJw8Bt8comn04BgggHieLveN1xQCXQDcO29kBIpQr394XKS0lNXP//Z0oG5V sCnEDPz/0R92mwT5XkKD9WC7G/WjybS5V7BjEbdzDOn4qdTVje05xI5pof+fkeQ1 hFHo7uTCDkSzLH2YxrQHifNVyItz8AgnNHwH7zc6XmNtiNFkiFP/KU6BYyr8WiTQ Jb3pyLB/Xvmbd0kuETnDNvV0oJc88G38a++xZPnuM7zQrW/TQkkKQpiqKtYAiJuw ZhUoky620/7HULegcYtsTyuDFyEN6whdSmHLFCJzk2oZXZ7MPA8ywCFB8Y79rohW 5MTe/zVUSxxYBgVXpkmhPwXYSTINeUJGJA1RQtXhC2Hh6O2jeqJP2H0hTmgsCBRA 3X/2CGoyAAgoKTJwgXk07tBbJWf+wQwAvUN9L1Yph+uOvvUzqFt8LNEGw9jVPsZl QHcSEW/Ef/HK/OLwVZiPqse6lRJAdRZl5//vm4408jnXfJCy6KnvxcsO4Z1yTyoP kCXdWlSLBiidcRRWBfoQBSC3gANcx9a56ItWieEvJrdNOiyhb+gqEk7XraOlb/gf k4w2RKNm0Fv+kdNoFAnd =gpVc -----END PGP SIGNATURE-----
. These vulnerabilities include:
-
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.
-
HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2010-5298
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
CVE-2014-0076
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2014-0195
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0198
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0221
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0224
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-3470
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-3566
3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends applying the following software updates to resolve the vulnerabilities in the impacted versions of HPE StoreVirtual products running HPE LeftHand OS.
LeftHand OS v11.5 - Patches 45019-00 and 45020 LeftHand OS v12.0 - Patches 50016-00 and 50017-00 LeftHand OS v12.5 - Patch 55016-00 LeftHand OS v12.6 - Patch 56002-00
Notes:
These patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision to OpenSSL v1.0.1e 48. These patches migrate Certificate Authority Hashing Algorithm from a weak hashing algorithm SHA1 to the stronger hashing algorithm SHA256
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0514",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flex system chassis management module",
"scope": "eq",
"trust": 1.5,
"vendor": "ibm",
"version": "1.50.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8u"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8t"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8y"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8r"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8w"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "bladecenter -t 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter advanced management module 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -h 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -e 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter advanced management module 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -s 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -ht 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -ht 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -h 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -t 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -e 3.66c",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter -s 3.66b",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "bladecenter t advanced management module 3.66b",
"scope": null,
"trust": 0.6,
"vendor": "ibm",
"version": null
},
{
"model": "flex system chassis management module",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "1.50.0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "junos 12.1x44-d33",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571471.43"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571431.43"
},
{
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "junos 12.1x44-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "junos r8-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "sa6500 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "sa700 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.3r4.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8886"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli endpoint manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8852"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4.19"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.17"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56001"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "flex system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0.9"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "junos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "8.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "junos 12.1x47-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "worklight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "junos 12.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "sa2000 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.51"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.33"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "system x3500m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73801.42"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.3.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "junos 13.2x51-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.1x44-d20.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.5"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73231.42"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.16"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "junos 12.1r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "junos 12.1r5-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8730"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73271.42"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.3"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.5"
},
{
"model": "junos 12.2x50-d70",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "junos 12.1x46-d20.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"model": "junos 13.2x50-d15.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "sa2500 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56002"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.3"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1886"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "junos 13.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77000"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.4-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.24"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "junos 13.2x51-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "security zsecure visual",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73281.42"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "junos r4-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.1x49-d55",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571451.43"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netcool/system service monitor fp1 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0-"
},
{
"model": "junos 12.2r1.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "9.2-release-p4",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.29"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos os 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "junos 12.3r2-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.07"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "system x3630m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73771.42"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.38"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73211.42"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.1x47-d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "os/400 v1r5m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.41"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bladecenter -s",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7779"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.25"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.50"
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.0"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.3"
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8721"
},
{
"model": "junos 12.1r1.9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "8.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1x47-d11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.35"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "junos 13.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78361.42"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.3r3.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos 13.2x50-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2.1"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "junos 12.1r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "junos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"model": "junos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos r6",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "sa6000 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v35006.4.19"
},
{
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "junos 13.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2143"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.23"
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v37006.4"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "560010.1"
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "flashsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8400"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "call management system r17.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "junos 13.2x51-d15.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "junos 12.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "88704.76.0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.212"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ctpos 6.6r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2x52-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos -d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos space 13.1r1.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.2x50-d20.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73251.42"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.13"
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 13.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "junos d10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.021"
},
{
"model": "junos r2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 13.3r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storwize unified",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.32"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos 12.1x47-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r8.7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.5"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.10"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.0.3"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "junos 12.3r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.1x44-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "system integrated management module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x2"
},
{
"model": "junos 13.1x49-d49",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "bladecenter -t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8720"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "junos 13.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.2"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.30"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "tivoli monitoring fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.229"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "junos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42511.42"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 12.3r7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.31"
},
{
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8750"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "85704.76.0"
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "56009.7"
},
{
"model": "junos d40",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.3"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "junos 12.1x48-d62",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storwize",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.19"
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.0"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.31"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.40"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "tivoli monitoring",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.22"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.5"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.12"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.16"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.22"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "junos os 13.2r5-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1.2"
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "junos 13.2x52-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "idp series 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos d25",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos 12.1x47-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7893"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "junos 12.1x44-d55",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x45-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.17"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.10"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.03"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "junos 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.41"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "system dx360m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "63911.42"
},
{
"model": "junos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "junos 12.3r6.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "junos 13.1x50-d15.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.1x50-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "76000"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "os/400 v1r4m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "systems director editions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "junos 13.2x51-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli monitoring fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.235"
},
{
"model": "junos 13.2x51-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli monitoring fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.302"
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "junos 13.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"model": "junos 13.2x51-d25.2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "system x3550m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79441.42"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos os 13.1r4-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.19"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.13"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "junos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7.0"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "junos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "junos pulse for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.16"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.2.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.210"
},
{
"model": "junos 12.3r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "junos 12.1x48-d41",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "junos 12.1x46-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7967"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.1.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.23"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ctpos 6.6r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "junos 12.1x44-d30.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.2x50-d40.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos d20",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.07"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8724"
},
{
"model": "junos r8",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"model": "rational clearcase",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1881"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.5.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.18"
},
{
"model": "8.3-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.177"
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.41"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571431.43"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "8.3-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.11"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tivoli remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.34"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"model": "junos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "junos 13.2x51-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4.2.0"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73781.42"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x44-d45",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.01"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.21"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1.0"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.26"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "junos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42521.42"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos r4",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.37"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "rational clearcase",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "sa4000 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.2"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "10.0-release-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.19"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2"
},
{
"model": "system x3620m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73761.42"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "san volume controller",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.19"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78371.42"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "bladecenter -h",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7989"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.6"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "bladecenter -ht",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8740"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2x51-d27.2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "flex system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4.1.9"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.4"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos r3",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x44-d24",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "junos r1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "9.2-releng",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "junos 12.2x50-d50.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.33"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.18"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "bladecenter -e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8677"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73791.42"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "junos 12.1x44-d35.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.0"
},
{
"model": "9.1-release-p11",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "junos 12.3x48-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11"
},
{
"model": "rational clearcase",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "rational requisitepro",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.32"
},
{
"model": "junos 13.2x51-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "8.3-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "rational clearquest",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.010"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "66363"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.0l",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "128001"
}
],
"trust": 0.9
},
"cve": "CVE-2014-0076",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2014-0076",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0076",
"trust": 1.0,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2014-0076",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. OpenSSL is prone to an information-disclosure weakness. \nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-14:06.openssl Security Advisory\n The FreeBSD Project\n\nTopic: OpenSSL multiple vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2014-04-08\nAffects: All supported versions of FreeBSD. \nCorrected: 2014-04-08 18:27:39 UTC (stable/10, 10.0-STABLE)\n 2014-04-08 18:27:46 UTC (releng/10.0, 10.0-RELEASE-p1)\n 2014-04-08 23:16:19 UTC (stable/9, 9.2-STABLE)\n 2014-04-08 23:16:05 UTC (releng/9.2, 9.2-RELEASE-p4)\n 2014-04-08 23:16:05 UTC (releng/9.1, 9.1-RELEASE-p11)\n 2014-04-08 23:16:19 UTC (stable/8, 8.4-STABLE)\n 2014-04-08 23:16:05 UTC (releng/8.4, 8.4-RELEASE-p8)\n 2014-04-08 23:16:05 UTC (releng/8.3, 8.3-RELEASE-p15)\nCVE Name: CVE-2014-0076, CVE-2014-0160\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\n0. Revision History\n\nv1.0 2014-04-08 Initial release. \nv1.1 2014-04-08 Added patch applying step in Solutions section. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nThe Heartbeat Extension provides a new protocol for TLS/DTLS allowing the\nusage of keep-alive functionality without performing a renegotiation and a\nbasis for path MTU (PMTU) discovery for DTLS. \n\nElliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the\nDigital Signature Algorithm (DSA) which uses Elliptic Curve Cryptography. \nOpenSSL uses the Montgomery Ladder Approach to compute scalar multiplication\nin a fixed amount of time, which does not leak any information through timing\nor power. \n\nII. Problem Description\n\nThe code used to handle the Heartbeat Extension does not do sufficient boundary\nchecks on record length, which allows reading beyond the actual payload. \n[CVE-2014-0160]. Affects FreeBSD 10.0 only. \n\nA flaw in the implementation of Montgomery Ladder Approach would create a\nside-channel that leaks sensitive timing information. [CVE-2014-0076]\n\nIII. Impact\n\nAn attacker who can send a specifically crafted packet to TLS server or client\nwith an established connection can reveal up to 64k of memory of the remote\nsystem. Such memory might contain sensitive information, including key\nmaterial, protected content, etc. which could be directly useful, or might\nbe leveraged to obtain elevated privileges. [CVE-2014-0160]\n\nA local attacker might be able to snoop a signing process and might recover\nthe signing key from it. [CVE-2014-0076]\n\nIV. Workaround\n\nNo workaround is available, but systems that do not use OpenSSL to implement\nthe Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)\nprotocols implementation and do not use the ECDSA implementation from OpenSSL\nare not vulnerable. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 8.x and FreeBSD 9.x]\n# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl.patch.asc\n# gpg --verify openssl.patch.asc\n\n[FreeBSD 10.0]\n# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:06/openssl-10.patch.asc\n# gpg --verify openssl-10.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nRecompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nIMPORTANT: the update procedure above does not update OpenSSL from the\nPorts Collection or from a package, known as security/openssl, which\nhas to be updated separately via ports or package. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r264285\nreleng/8.3/ r264284\nreleng/8.4/ r264284\nstable/9/ r264285\nreleng/9.1/ r264284\nreleng/9.2/ r264284\nstable/10/ r264266\nreleng/10.0/ r264267\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:http://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\u003e\n\u003cURL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\u003e\n\n\u003cURL:http://www.openssl.org/news/secadv_20140407.txt\u003e\n\u003cURL:http://eprint.iacr.org/2014/140.pdf\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:http://security.FreeBSD.org/advisories/FreeBSD-SA-14:06.openssl.asc\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.22 (FreeBSD)\n\niQIcBAEBCgAGBQJTRJySAAoJEO1n7NZdz2rnzPcQALd6So7vDRBaYiaGwQjc55oI\nQwTnNzkkgxVTGwi8lDV6h8bIW3Ga8AhMGoZCVOeKbDABBDghVYe6Na5e/wsHbPPu\ntXmDRhoi2aV0sVCTFfpoCNJ8l2lb+5vnmEC6Oi3PMQDbRC+Ptg15o0W/2hXw0eKO\nyu4BhS4dl6lX7IvlR1n4sr0rfa8vwxe5OpUUd6Bzw0SUBmV+BTzq1C70FuOZ/hnD\nThaZS8Ox3fcWuPylhPbhxnWqg0oVNkBpiRYpIBadrpl9EiRRzbTfF+uFvauR9tBN\n1mK8lLwd7DK6x8iCSnDd2ZlN1rNn8EPsGohT4vP+szz2E2YP1x8ugihEBdYax+Dh\nZ4TWkm3/wJwEf00G32E1hZ8F+UavE8AmnGVk6gxiRpnv2sdNJYRlWd9O8u251qMq\nuzcmBX6Jr14dQCwlqof8pYKYV7VCE/Cu4JHThOCL042CLwUmXyJVMFzm6WPQlNjC\ndlPbSG+PXjninPjcYBoMR+863X35Guv0pJBNG/ofEh+Jy5MveaMRQX/mA+wy29zm\nqg74lM07adXkJujPAuA5dYjZivpW1NPOHeIjaYjaI6KDw2q3BlkGa2C3PeYDQxn4\nIqujqpem5nyQY4BO2XC8gVtuym0jDSA98bgFXumNDkmzlUUuOFOWD8YScLopOzOu\nEpUXgezogk1Rd3EVsaJ+\n=UBO0\n-----END PGP SIGNATURE-----\n. OpenSSL Security Advisory [05 Jun 2014]\n========================================\n\nSSL/TLS MITM vulnerability (CVE-2014-0224)\n===========================================\n\nAn attacker using a carefully crafted handshake can force the use of weak\nkeying material in OpenSSL SSL/TLS clients and servers. This can be exploited\nby a Man-in-the-middle (MITM) attack where the attacker can decrypt and \nmodify traffic from the attacked client and server. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers\nare only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users\nof OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. \n\nOpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. \nOpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. \nOpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOnly applications using OpenSSL as a DTLS client are affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nDTLS invalid fragment vulnerability (CVE-2014-0195)\n====================================================\n\nA buffer overrun attack can be triggered by sending invalid DTLS fragments\nto an OpenSSL DTLS client or server. This is potentially exploitable to\nrun arbitrary code on a vulnerable client or server. \n\nOnly applications using OpenSSL as a DTLS client or server affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nSSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)\n=================================================================\n\nA flaw in the do_ssl3_write function can allow remote attackers to\ncause a denial of service via a NULL pointer dereference. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \n\nSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n===============================================================================\n \nA race condition in the ssl3_read_bytes function can allow remote\nattackers to inject data across sessions or cause a denial of service. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nAnonymous ECDH denial of service (CVE-2014-3470)\n================================================\n\nOpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a\ndenial of service attack. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. The following\nCommon Vulnerabilities and Exposures project ids identify them:\n\nCVE-2010-5298\n\n A read buffer can be freed even when it still contains data that is\nused later on, leading to a use-after-free. \n\nCVE-2014-0076\n\n ECDSA nonces can be recovered through the Yarom/Benger FLUSH+RELOAD\ncache side-channel attack. \n\nA third issue, with no CVE id, is the missing detection of the\n\"critical\" flag for the TSA extended key usage under certain cases. \n\n\nAdditionally, this update checks for more services that might need to\nbe restarted after upgrades of libssl, corrects the detection of\napache2 and postgresql, and adds support for the\n\u0027libraries/restart-without-asking\u0027 debconf configuration. This allows\nservices to be restarted on upgrade without prompting. \n\n\nThe oldstable distribution (squeeze) is not affected by CVE-2010-5298\nand it might be updated at a later time to address the remaining\nvulnerabilities. \n\nFor the testing distribution (jessie), these problems will be fixed\nsoon. The\nupdates are available from the following location using ftp:\n\nftp://srt03046:Secure12@ftp.usa.hp.com\n\nUser name: srt03046\nPassword: Secure12 ( NOTE: Case sensitive)\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08za.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08za or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n The dtls1_reassemble_fragment function in d1_both.c in OpenSSL\n before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does\n not properly validate fragment lengths in DTLS ClientHello messages,\n which allows remote attackers to execute arbitrary code or cause a\n denial of service (buffer overflow and application crash) via a long\n non-initial fragment (CVE-2014-0195). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). \n \n The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square\n of a BIGNUM value, which might make it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors,\n related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and\n crypto/bn/bn_asm.c (CVE-2014-3570). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote\n SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger\n a loss of forward secrecy by omitting the ServerKeyExchange message\n (CVE-2014-3572). \n \n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n does not enforce certain constraints on certificate data, which allows\n remote attackers to defeat a fingerprint-based certificate-blacklist\n protection mechanism by including crafted data within a\n certificate\u0026#039;s unsigned portion, related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c\n (CVE-2014-8275). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before\n 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a\n Diffie-Hellman (DH) certificate without requiring a CertificateVerify\n message, which allows remote attackers to obtain access without\n knowledge of a private key via crafted TLS Handshake Protocol traffic\n to a server that recognizes a Certification Authority with DH support\n (CVE-2015-0205). \n \n Use-after-free vulnerability in the d2i_ECPrivateKey function in\n crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r,\n 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote\n attackers to cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other impact via a\n malformed Elliptic Curve (EC) private-key file that is improperly\n handled during import (CVE-2015-0209). \n \n The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not\n properly handle a lack of outer ContentInfo, which allows attackers to\n cause a denial of service (NULL pointer dereference and application\n crash) by leveraging an application that processes arbitrary PKCS#7\n data and providing malformed data with ASN.1 encoding, related to\n crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \n\nHP Systems Insight Manager v7.3 Hotfix kit\nHP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager\nv7.2 Hotfix kit is currently unavailable, but will be released at a later\ndate. \n\nhttp://h18013.www1.hp.com/products/servers/management/hpsim/download.html\n\nNOTE: No reboot of the system is required after applying the HP SIM Hotfix\nkit. \nHP System Management Homepage versions 7.3.2 and earlier for Linux and\nWindows. HP System Management Homepage v7.2.4.1 is available for\nWindows 2003 only. \n\nHP System Management Homepage v7.2.4.1 for Windows x86:\nhttp://www.hp.com/swpublishing/MTX-d775367b0a28449ca05660778b\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98702\n\nHP System Management Homepage v7.2.4.1 for Windows x64:\nhttp://www.hp.com/swpublishing/MTX-3a7aa5e233904ebe847a5e1555\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98704\n\nHP System Management Homepage v7.3.3.1 for Windows x86:\nhttp://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98696\n\nHP System Management Homepage v7.3.3.1 for Windows x64:\nhttp://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98698\n\nHP System Management Homepage v7.3.3.1 for Linux x86:\nhttp://www.hp.com/swpublishing/MTX-511c3e0b2f6f4f6bbc796fc619\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1980463820/v98694\n\nHP System Management Homepage v7.3.3.1 for Linux x64:\nhttp://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1507410135/v98693\n\nNOTE: HP System Management Homepage v7.3.3.1 for Linux x86 still contains\nOpenSSL v1.0.0d. As long as all other products which SMH V7.3.3.1 for Linux\nx86 communicates with have been upgraded to the latest versions, it will not\nbe vulnerable to the exploits described in CVE-2014-0224. \n\nRelease Date: 2014-07-23\nLast Updated: 2014-07-23\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Insight\nControl server migration running on Linux and Windows which could be\nexploited remotely resulting in denial of service (DoS), code execution,\nunauthorized access, or disclosure of information. \n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101647\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server migration v7.2.2, v7.3, v7.3.1, and v7.3.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.2 of HP Insight Control server\nmigration to resolve these vulnerabilities by upgrading to version 7.3.3. \nPlease note that version 7.3.3 of HP Insight Control server migration is\nincluded on the HP Insight Management 7.3 Update 2 DVD. \n\nHP has provided the installation binaries for download from the following web\nsite by using the Receive for free option:\n\nhttp://h18013.www1.hp.com/products/servers/management/fpdownload.html\n\nCustomers using HP Insight Control server migration v7.2.2 must first upgrade\nfrom v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then\nupgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD. \n\nCustomers running HP Insight Control server migration v7.3, v7.3.1, or\nv7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to\ncomplete the upgrade. \n\nFor more information on the upgrade process, please refer to the HP Insight\nManagement Installation and Upgrade Guide and Release notes, which are\navailable at the following location:\n\nhttp://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind\nex.aspx?cat=insightmanagement\n\nNOTE: The upgrade paths described above update the entire HP Insight Control\nsoftware stack. To upgrade HP Insight Control server migration only, complete\nthe following steps:\n\nCopy \"hpsmp.exe\" to the local machine from the HP Insight Management v7.3.0\nUpdate 2 DVD ISO. Create batch file with the following commands:\n@echo off\nhpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch\nCopy the batch file to the folder where \"hpsmp.exe\" normally resides on the\ntarget system. \nDouble click on the batch file. \nThe HP Insight Control server migration installation starts in a command\nprompt. \nThe command prompt closes when the installation finishes. \nAfter the installation completes it creates a log file (ICmigr.log) and an\noutput file (ICmigroutput.xml) on the target system. \nDo not close or click on the command prompt while the process is completing. \nDo not run the command prompt in the background. \n\nHISTORY\nVersion:1 (rev.1) - 23 July 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update\n2014-004\n\nOS X Mavericks 10.9.5 and Security Update 2014-004 are now available\nand address the following:\n\napache_mod_php\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: Multiple vulnerabilities in PHP 5.4.24\nDescription: Multiple vulnerabilities existed in PHP 5.4.24, the\nmost serious of which may have led to arbitrary code execution. This\nupdate addresses the issues by updating PHP to version 5.4.30\nCVE-ID\nCVE-2013-7345\nCVE-2014-0185\nCVE-2014-0207\nCVE-2014-0237\nCVE-2014-0238\nCVE-2014-1943\nCVE-2014-2270\nCVE-2014-3478\nCVE-2014-3479\nCVE-2014-3480\nCVE-2014-3487\nCVE-2014-3515\nCVE-2014-3981\nCVE-2014-4049\n\nBluetooth\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A validation issue existed in the handling of a\nBluetooth API call. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-4390 : Ian Beer of Google Project Zero\n\nCoreGraphics\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or an information disclosure\nDescription: An out of bounds memory read existed in the handling of\nPDF files. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4378 : Felipe Andres Manzano of Binamuse VRT working with\nthe iSIGHT Partners GVP Program\n\nCoreGraphics\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An integer overflow existed in the handling of PDF\nfiles. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4377 : Felipe Andres Manzano of Binamuse VRT working with\nthe iSIGHT Partners GVP Program\n\nFoundation\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: An application using NSXMLParser may be misused to disclose\ninformation\nDescription: An XML External Entity issue existed in NSXMLParser\u0027s\nhandling of XML. This issue was addressed by not loading external\nentities across origins. \nCVE-ID\nCVE-2014-4374 : George Gal of VSR (http://www.vsecurity.com/)\n\nIntel Graphics Driver\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: Compiling untrusted GLSL shaders may lead to an unexpected\napplication termination or arbitrary code execution\nDescription: A user-space buffer overflow existed in the shader\ncompiler. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4393 : Apple\n\nIntel Graphics Driver\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: Multiple validation issues existed in some integrated\ngraphics driver routines. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2014-4394 : Ian Beer of Google Project Zero\nCVE-2014-4395 : Ian Beer of Google Project Zero\nCVE-2014-4396 : Ian Beer of Google Project Zero\nCVE-2014-4397 : Ian Beer of Google Project Zero\nCVE-2014-4398 : Ian Beer of Google Project Zero\nCVE-2014-4399 : Ian Beer of Google Project Zero\nCVE-2014-4400 : Ian Beer of Google Project Zero\nCVE-2014-4401 : Ian Beer of Google Project Zero\nCVE-2014-4416 : Ian Beer of Google Project Zero\n\nIOAcceleratorFamily\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A null pointer dereference existed in the handling of\nIOKit API arguments. This issue was addressed through improved\nvalidation of IOKit API arguments. \nCVE-ID\nCVE-2014-4376 : Ian Beer of Google Project Zero\n\nIOAcceleratorFamily\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: An out-of-bounds read issue existed in the handling of\nan IOAcceleratorFamily function. This issue was addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2014-4402 : Ian Beer of Google Project Zero\n\nIOHIDFamily\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A local user can read kernel pointers, which can be used to\nbypass kernel address space layout randomization\nDescription: An out-of-bounds read issue existed in the handling of\nan IOHIDFamily function. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2014-4379 : Ian Beer of Google Project Zero\n\nIOKit\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A validation issue existed in the handling of certain\nmetadata fields of IODataQueue objects. This issue was addressed\nthrough improved validation of metadata. \nCVE-ID\nCVE-2014-4388 : @PanguTeam\n\nIOKit\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: An integer overflow existed in the handling of IOKit\nfunctions. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4389 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: A local user can infer kernel addresses and bypass kernel\naddress space layout randomization\nDescription: In some cases, the CPU Global Descriptor Table was\nallocated at a predictable address. This issue was addressed through\nalways allocating the Global Descriptor Table at random addresses. \nCVE-ID\nCVE-2014-4403 : Ian Beer of Google Project Zero\n\nLibnotify\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 to 10.9.4\nImpact: A malicious application may be able to execute arbitrary\ncode with root privileges\nDescription: An out-of-bounds write issue existed in Libnotify. This\nissue was addressed through improved bounds checking\nCVE-ID\nCVE-2014-4381 : Ian Beer of Google Project Zero\n\nOpenSSL\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Multiple vulnerabilities in OpenSSL 0.9.8y, including one\nthat may lead to arbitrary code execution\nDescription: Multiple vulnerabilities existed in OpenSSL 0.9.8y. \nThis update was addressed by updating OpenSSL to version 0.9.8za. \nCVE-ID\nCVE-2014-0076\nCVE-2014-0195\nCVE-2014-0221\nCVE-2014-0224\nCVE-2014-3470\n\nQT Media Foundation\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\nRLE encoded movie files. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2014-1391 : Fernando Munoz working with iDefense VCP, Tom\nGallagher \u0026 Paul Bates working with HP\u0027s Zero Day Initiative\n\nQT Media Foundation\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Playing a maliciously crafted MIDI file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of MIDI\nfiles. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4350 : s3tm3m working with HP\u0027s Zero Day Initiative\n\nQT Media Foundation\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\nthe \u0027mvhd\u0027 atoms. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-4979 : Andrea Micalizzi aka rgod working with HP\u0027s Zero Day\nInitiative\n\nruby\nAvailable for: OS X Mavericks 10.9 to 10.9.4\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A heap buffer overflow existed in LibYAML\u0027s handling of\npercent-encoded characters in a URI. This issue was addressed through\nimproved bounds checking. This update addresses the issues by\nupdating LibYAML to version 0.1.6\nCVE-ID\nCVE-2014-2525\n\n\nNote: OS X Mavericks 10.9.5 includes the security content of\nSafari 7.0.6: http://support.apple.com/kb/HT6367\n\nOS X Mavericks v10.9.5 and Security Update 2014-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJUGkP0AAoJEBcWfLTuOo7tygQP/1vHYXtWy6492Tjj6ycymWa+\nCt0eCCBU/AUi5ODNDeV9ddWkuFeXKbgQSHoPU19IPcIBAKnYUupVJSJ/cEHfSthh\nCiROjJw8Bt8comn04BgggHieLveN1xQCXQDcO29kBIpQr394XKS0lNXP//Z0oG5V\nsCnEDPz/0R92mwT5XkKD9WC7G/WjybS5V7BjEbdzDOn4qdTVje05xI5pof+fkeQ1\nhFHo7uTCDkSzLH2YxrQHifNVyItz8AgnNHwH7zc6XmNtiNFkiFP/KU6BYyr8WiTQ\nJb3pyLB/Xvmbd0kuETnDNvV0oJc88G38a++xZPnuM7zQrW/TQkkKQpiqKtYAiJuw\nZhUoky620/7HULegcYtsTyuDFyEN6whdSmHLFCJzk2oZXZ7MPA8ywCFB8Y79rohW\n5MTe/zVUSxxYBgVXpkmhPwXYSTINeUJGJA1RQtXhC2Hh6O2jeqJP2H0hTmgsCBRA\n3X/2CGoyAAgoKTJwgXk07tBbJWf+wQwAvUN9L1Yph+uOvvUzqFt8LNEGw9jVPsZl\nQHcSEW/Ef/HK/OLwVZiPqse6lRJAdRZl5//vm4408jnXfJCy6KnvxcsO4Z1yTyoP\nkCXdWlSLBiidcRRWBfoQBSC3gANcx9a56ItWieEvJrdNOiyhb+gqEk7XraOlb/gf\nk4w2RKNm0Fv+kdNoFAnd\n=gpVc\n-----END PGP SIGNATURE-----\n\n. These vulnerabilities include: \n\n* The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \n\n - HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2010-5298\n 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\n 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)\n\n CVE-2014-0076\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2014-0195\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-0198\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0221\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0224\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-3470\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-3566\n 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the following software updates to resolve the\nvulnerabilities in the impacted versions of HPE StoreVirtual products running\nHPE LeftHand OS. \n\nLeftHand OS v11.5 - Patches 45019-00 and 45020 \nLeftHand OS v12.0 - Patches 50016-00 and 50017-00 \nLeftHand OS v12.5 - Patch 55016-00 \nLeftHand OS v12.6 - Patch 56002-00 \n\n**Notes:**\n\nThese patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision\nto OpenSSL v1.0.1e 48. \nThese patches migrate Certificate Authority Hashing Algorithm from a weak\nhashing algorithm SHA1 to the stronger hashing algorithm SHA256",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0076"
},
{
"db": "BID",
"id": "66363"
},
{
"db": "PACKETSTORM",
"id": "126087"
},
{
"db": "PACKETSTORM",
"id": "126097"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "128315"
},
{
"db": "PACKETSTORM",
"id": "140720"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0076",
"trust": 2.9
},
{
"db": "BID",
"id": "66363",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59495",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59374",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59445",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58492",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58727",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "MCAFEE",
"id": "SB10071",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0076",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128315",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127362",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127266",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127608",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128001",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126087",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "BID",
"id": "66363"
},
{
"db": "PACKETSTORM",
"id": "128315"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126097"
},
{
"db": "PACKETSTORM",
"id": "126087"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"id": "VAR-201403-0514",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.408460395
},
"last_update_date": "2024-07-23T20:28:55.089000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Debian Security Advisories: DSA-2908-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=438bf64e25a46a5ac11098b5720d1bb6"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2165-1"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0076",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1fc1fc75c3cab4aa04eb437a09a1da4f"
},
{
"title": "Red Hat: CVE-2014-0076",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0076"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/uvhw/uvhw.bitcoin.js "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/second-nsa-crypto-tool-found-in-rsa-bsafe/105143/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 1.4,
"url": "http://eprint.iacr.org/2014/140"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"trust": 1.2,
"url": "http://advisories.mageia.org/mgasa-2014-0165.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/66363"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 1.1,
"url": "https://bugzilla.novell.com/show_bug.cgi?id=869945"
},
{
"trust": 1.1,
"url": "https://bugs.gentoo.org/show_bug.cgi?id=505278"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:067"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58727"
},
{
"trust": 1.1,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59495"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.1,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59445"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59374"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58492"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2165-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
},
{
"trust": 1.1,
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=2198be3483259de374f91e57d247d0fc667aef29"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.8,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0076_cryptographic_issues"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095202"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095218"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas3bf6e25d1260a4de686257cc100631528"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas3824bd213d0f7c3d086257cc10063152c"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl5"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_aix_is_affected_by_a_vulnerability_in_openssl_cve_2014_0160?lang=en_us"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095187"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670738"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095124"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004581"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004611"
},
{
"trust": 0.3,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:06.openssl.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020681"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037189"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037307"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671096"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671128"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671127"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670640"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21670640"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671100"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671098"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670316"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037451"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10071"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/33a01-5228bdf5d027e/cert_security_mini-_bulletin_xrx15ao_for_cq8570-cq8870_v1-0.pdf"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15295.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020021"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037380"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037382"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037384"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670905"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037379"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037381"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037393"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21670165"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004582"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095143"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095144"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020038"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671197"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670301"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670302"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670576"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21669859"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004616"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095841"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095217"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673715"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670339"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095203"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688949"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678668"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676424"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695392"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21681249"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671133"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004608"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020694"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670560"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670858"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673696"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004615"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669664"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100179859"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100179858"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.2,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.1,
"url": "https://github.com/uvhw/uvhw.bitcoin.js"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/second-nsa-crypto-tool-found-in-rsa-bsafe/105143/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33767"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2165-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4378"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3487"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4379"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0238"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1943"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4376"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-7345"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4377"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4350"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4381"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2525"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0237"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3480"
},
{
"trust": 0.1,
"url": "http://www.vsecurity.com/)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2270"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0207"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3515"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht6367"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3479"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3478"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4049"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4374"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3981"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/fpdownload.html"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-2c54f23c6dbc4d598e86fdef95"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-4480df0f6d544779b0143f5c3b"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8208c3987b1b4a5093f3e8fcc3"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:06/openssl.patch.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:06/openssl-10.patch.asc"
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2014/140.pdf\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/advisories/freebsd-sa-14:06.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/news/secadv_20140407.txt\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:06/openssl-10.patch"
},
{
"trust": 0.1,
"url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-14:06/openssl.patch"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "BID",
"id": "66363"
},
{
"db": "PACKETSTORM",
"id": "128315"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126097"
},
{
"db": "PACKETSTORM",
"id": "126087"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"db": "BID",
"id": "66363"
},
{
"db": "PACKETSTORM",
"id": "128315"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126228"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "126097"
},
{
"db": "PACKETSTORM",
"id": "126087"
},
{
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-25T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"date": "2014-02-24T00:00:00",
"db": "BID",
"id": "66363"
},
{
"date": "2014-09-19T15:26:13",
"db": "PACKETSTORM",
"id": "128315"
},
{
"date": "2014-07-24T23:47:46",
"db": "PACKETSTORM",
"id": "127607"
},
{
"date": "2014-07-06T18:53:39",
"db": "PACKETSTORM",
"id": "127362"
},
{
"date": "2014-06-25T21:32:38",
"db": "PACKETSTORM",
"id": "127213"
},
{
"date": "2014-06-27T18:43:56",
"db": "PACKETSTORM",
"id": "127266"
},
{
"date": "2014-07-24T23:48:05",
"db": "PACKETSTORM",
"id": "127608"
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044"
},
{
"date": "2017-01-25T21:54:44",
"db": "PACKETSTORM",
"id": "140720"
},
{
"date": "2014-06-13T13:31:32",
"db": "PACKETSTORM",
"id": "127086"
},
{
"date": "2014-04-21T19:46:40",
"db": "PACKETSTORM",
"id": "126228"
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961"
},
{
"date": "2014-06-27T18:43:23",
"db": "PACKETSTORM",
"id": "127265"
},
{
"date": "2014-08-26T11:11:00",
"db": "PACKETSTORM",
"id": "128001"
},
{
"date": "2014-04-09T23:30:40",
"db": "PACKETSTORM",
"id": "126097"
},
{
"date": "2014-04-09T22:49:02",
"db": "PACKETSTORM",
"id": "126087"
},
{
"date": "2014-03-25T13:25:21.977000",
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0076"
},
{
"date": "2017-05-23T16:25:00",
"db": "BID",
"id": "66363"
},
{
"date": "2023-02-13T00:31:07.977000",
"db": "NVD",
"id": "CVE-2014-0076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "66363"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL CVE-2014-0076 Information Disclosure Weakness",
"sources": [
{
"db": "BID",
"id": "66363"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "66363"
}
],
"trust": 0.3
}
}
VAR-201605-0076
Vulnerability from variot - Updated: 2024-07-23 20:02Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. OpenSSL is prone to an integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Following product versions are affected: OpenSSL versions 1.0.2 prior to 1.0.2h are vulnerable. OpenSSL versions 1.0.1 prior to 1.0.1t are vulnerable. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
Security Fix(es):
- It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. After installing the updated packages, the httpd daemon will be restarted automatically. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03756en_us Version: 1
HPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-06-05 Last Updated: 2017-06-05
Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information.
References:
- CVE-2016-2105 - Remote Denial of Service (DoS)
- CVE-2016-2106 - Remote Denial of Service (DoS)
- CVE-2016-2107 - Remote disclosure of sensitive information
- CVE-2016-2108 - Remote Denial of Service (DoS)
- CVE-2016-2109 - Remote Denial of Service (DoS)
- CVE-2016-2176 - Remote Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- HP Intelligent Management Center (iMC) All versions - Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2105
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2106
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2107
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVE-2016-2108
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-2109
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVE-2016-2176
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates available to resolve the vulnerabilities in the Comware 7, iMC and VCX products running OpenSSL.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P02
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 10500 (Comware 7) - Version: R7184
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5900/5920 (Comware 7) - Version: R2422P02
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR1000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR2000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR3000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR4000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- VSR (Comware 7) - Version: E0324
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7900 (Comware 7) - Version: R2152
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130 (Comware 7) - Version: R3115
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6125XLG - Version: R2422P02
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6127XLG - Version: R2422P02
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- Moonshot - Version: R2432
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5700 (Comware 7) - Version: R2422P02
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5930 (Comware 7) - Version: R2422P02
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 1950 (Comware 7) - Version: R3115
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7500 (Comware 7) - Version: R7184
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5510HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5940 - Version: R2509
- HP Network Products
- JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch
- JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch
- JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch
- JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch
- JH396A HPE FlexFabric 5940 32QSFP+ Switch
- JH397A HPE FlexFabric 5940 2-slot Switch
- JH398A HPE FlexFabric 5940 4-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5950 - Version: R6123
- HP Network Products
- JH321A HPE FlexFabric 5950 32QSFP28 Switch
- JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch
- JH404A HPE FlexFabric 5950 4-slot Switch
- 12900E (Comware 7) - Version: R2609
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
iMC Products
- iNode PC 7.2 (E0410) - Version: 7.2 E0410
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
- iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
VCX Products
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 2 June 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. (CVE-2016-5387)
-
It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2016-3110)
-
It was found that OpenSSL's BigNumber Squaring implementation could produce incorrect results under certain special conditions. Note that this issue occurred rarely and with a low probability, and there is currently no known way of exploiting it.
The References section of this erratum contains a download link (you must log in to download the update).
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Description:
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. The JBoss server process must be restarted for the update to take effect. (CVE-2016-2108)
-
Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3195)
-
A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. (CVE-2016-2106)
-
It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2016-2109)
-
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0722-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0722.html Issue date: 2016-05-09 CVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2842 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. (CVE-2016-2105, CVE-2016-2106)
-
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)
-
Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. (CVE-2016-0799, CVE-2016-2842)
-
A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.5.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.5.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm openssl-devel-1.0.1e-51.el7_2.5.s390.rpm openssl-devel-1.0.1e-51.el7_2.5.s390x.rpm openssl-libs-1.0.1e-51.el7_2.5.s390.rpm openssl-libs-1.0.1e-51.el7_2.5.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.5.ppc64.rpm openssl-static-1.0.1e-51.el7_2.5.ppc.rpm openssl-static-1.0.1e-51.el7_2.5.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.5.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm openssl-perl-1.0.1e-51.el7_2.5.s390x.rpm openssl-static-1.0.1e-51.el7_2.5.s390.rpm openssl-static-1.0.1e-51.el7_2.5.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0799 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2107 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-2842 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXMFlTXlSAg2UNWIIRAhYAAJ0T9Ib2vXUa5te34i6fphHrbe0HlwCfePy5 WjaK8x9OaI0FgbWyfxvwq6o= =jHjh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. ============================================================================ Ubuntu Security Notice USN-2959-1 May 03, 2016
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL. (CVE-2016-2106)
Brian Carpenter discovered that OpenSSL incorrectly handled memory when ASN.1 data is read from a BIO. (CVE-2016-2109)
As a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 1024 bits, preventing a possible downgrade attack.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.1
Ubuntu 15.10: libssl1.0.0 1.0.2d-0ubuntu1.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.19
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.36
After a standard system update you need to reboot your computer to make all the necessary changes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0076",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "paging server",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "network performance analytics",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa51x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "network health framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2.1"
},
{
"model": "unified series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "780011.5.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6(3)"
},
{
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"model": "emergency responder",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "tivoli netcool system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "nexus series blade switches 0.9.8zf",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "telepresence isdn link",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"model": "mediasense 9.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.119"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "aspera shares",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.6"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.8"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "prime collaboration assurance sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "tivoli netcool system service monitors fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "im and presence service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "ata analog telephone adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1879.2.5"
},
{
"model": "tivoli netcool system service monitors fp15",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs central 1.5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration deployment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "series ip phones vpn feature",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-11.5.2"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "project openssl 1.0.1t",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"model": "webex recording playback client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p38",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10.1"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90008.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"model": "10.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa50x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-01"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"model": "10.2-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-109"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "workload deployer if12",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"model": "unified workforce optimization quality management sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "meetingplace",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.7"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "webex messenger service ep1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8961"
},
{
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "webex node for mcs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.12.9.8"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.8"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.17"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.3"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "aspera console",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.3"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected analytics for collaboration 1.0.1q",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.0-13"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6.7"
},
{
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.6.1"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.4"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "openssh for gpfs for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.31"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.7"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.117"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"model": "globalprotect agent",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.0"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "webex meetings for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "mds series multilayer switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ios software and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.1"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client hosted t31r1sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.8"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "unified sip proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.3"
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"model": "spa50x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "ata series analog terminal adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "unified communications for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli composite application manager for transactions if03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "identity services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.4"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "qradar siem/qrif/qrm/qvm patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.71"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "jabber for android mr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "connected grid router-cgos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "lancope stealthwatch smc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "telepresence server on virtual machine mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60008.3"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.2-9"
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70008.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-110"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-113"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "spa30x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30-12"
},
{
"model": "webex meetings client on premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3(1)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "bm security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.12"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.3"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1)"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "algo audit and compliance if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.32"
},
{
"model": "spa525g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9971"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.1"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.2"
},
{
"model": "webex messenger service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "10.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "connected grid router 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5:20"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.17"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "packet tracer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "unified wireless ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "virtual security gateway vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"model": "policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "webex meetings client on premises",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "10.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa51x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings for wp8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-108"
},
{
"model": "sterling connect:express for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2.1)"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1"
},
{
"model": "physical access control gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.10"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.41"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "10.1-release-p30",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "intelligent automation for cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.9.8"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "edge digital media player 1.6rb4 5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mds series multilayer switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "9.3-release-p36",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"model": "mobility services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "edge digital media player",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3401.2.0.20"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa30x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.12.2"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.2"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.4.7"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "mq appliance m2001",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"model": "spa525g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "9.3-release-p41",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "lancope stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud object store",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "cognos business intelligence fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.12"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "tivoli netcool system service monitors fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "tivoli netcool system service monitor fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "telepresence content server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.4"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "mq appliance m2000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "asa cx and prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.21"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50007.3.1"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8945"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1.10000.12)"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.3"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "10.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "10.1-release-p33",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence conductor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "unified communications manager 10.5 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.4"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0(0.400)"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "unified ip phones 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "websphere application server liberty profile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.4"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "prime optical for sps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.4"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50008.3"
},
{
"model": "10.1-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-04"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.1"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.3"
},
{
"model": "aspera shares",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.9.2"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server ssl gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.6"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.10000.5)"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.6"
},
{
"model": "tivoli composite application manager for transactions if37",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "prime license manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.8"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "virtual security gateway for microsoft hyper-v vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "connected grid router cgos 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-01"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.3-release-p39",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-114"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.5"
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "spa232d multi-line dect ata",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.2"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-08"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.21"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "globalprotect agent",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.1"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19.0"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"model": "10.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "10.3-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9951"
},
{
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.12"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.17"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.4-12"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder 10.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "qradar siem mr2 patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.113"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "900012.0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7(0)"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.3"
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79009.4(2)"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.17"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"model": "unified series ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "video surveillance media server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9"
},
{
"model": "unified communications manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.5"
},
{
"model": "10.2-release-p16",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"model": "project openssl 1.0.2h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "policy suite",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager session management edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.5"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "tivoli provisioning manager for images system edition build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.20290.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.1"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x863.2"
},
{
"model": "aspera console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.13900.9)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "89744"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1s",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Guido Vranken",
"sources": [
{
"db": "BID",
"id": "89744"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
}
],
"trust": 0.9
},
"cve": "CVE-2016-2106",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-2106",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2106",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-082",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2106",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. OpenSSL is prone to an integer-overflow vulnerability. \nAn attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. \nFollowing product versions are affected:\nOpenSSL versions 1.0.2 prior to 1.0.2h are vulnerable. \nOpenSSL versions 1.0.1 prior to 1.0.1t are vulnerable. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library. \n\nSecurity Fix(es):\n\n* It was discovered that httpd used the value of the Proxy header from HTTP\nrequests to initialize the HTTP_PROXY environment variable for CGI scripts,\nwhich in turn was incorrectly used by certain HTTP client implementations\nto configure the proxy for outgoing HTTP requests. After installing the updated\npackages, the httpd daemon will be restarted automatically. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03756en_us\nVersion: 1\n\nHPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX\nrunning OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-06-05\nLast Updated: 2017-06-05\n\nPotential Security Impact: Remote: Denial of Service (DoS), Disclosure of\nSensitive Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities with OpenSSL have been addressed for HPE\nnetwork products including Comware 7, iMC, and VCX. The vulnerabilities could\nbe remotely exploited resulting in Denial of Service (DoS) or disclosure of\nsensitive information. \n\nReferences:\n\n - CVE-2016-2105 - Remote Denial of Service (DoS)\n - CVE-2016-2106 - Remote Denial of Service (DoS)\n - CVE-2016-2107 - Remote disclosure of sensitive information\n - CVE-2016-2108 - Remote Denial of Service (DoS)\n - CVE-2016-2109 - Remote Denial of Service (DoS)\n - CVE-2016-2176 - Remote Denial of Service (DoS)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - VCX Products All versions - Please refer to the RESOLUTION below for a\nlist of updated products. \n - Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - HP Intelligent Management Center (iMC) All versions - Please refer to the\nRESOLUTION below for a list of updated products. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2105\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2106\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2107\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n CVE-2016-2108\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-2109\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\n CVE-2016-2176\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\n 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates available to resolve the\nvulnerabilities in the Comware 7, iMC and VCX products running OpenSSL. \n\n**COMWARE 7 Products**\n\n + 12500 (Comware 7) - Version: R7377P02\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 10500 (Comware 7) - Version: R7184\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5900/5920 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR1000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR2000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR3000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR4000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + VSR (Comware 7) - Version: E0324\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7900 (Comware 7) - Version: R2152\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130 (Comware 7) - Version: R3115\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6125XLG - Version: R2422P02\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6127XLG - Version: R2422P02\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + Moonshot - Version: R2432\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5700 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5930 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 1950 (Comware 7) - Version: R3115\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7500 (Comware 7) - Version: R7184\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5510HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5940 - Version: R2509\n * HP Network Products\n - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch\n - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch\n - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch\n - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch\n - JH396A HPE FlexFabric 5940 32QSFP+ Switch\n - JH397A HPE FlexFabric 5940 2-slot Switch\n - JH398A HPE FlexFabric 5940 4-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5950 - Version: R6123\n * HP Network Products\n - JH321A HPE FlexFabric 5950 32QSFP28 Switch\n - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch\n - JH404A HPE FlexFabric 5950 4-slot Switch\n + 12900E (Comware 7) - Version: R2609\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**iMC Products**\n\n + iNode PC 7.2 (E0410) - Version: 7.2 E0410\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n + iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**VCX Products**\n\n + VCX - Version: 9.8.19\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 2 June 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n(CVE-2016-5387)\n\n* It was discovered that OpenSSL would accept ephemeral RSA keys when using\nnon-export RSA cipher suites. A malicious server could make a TLS/SSL\nclient using OpenSSL use a weaker key exchange method. (CVE-2016-3110)\n\n* It was found that OpenSSL\u0027s BigNumber Squaring implementation could\nproduce incorrect results under certain special conditions. Note that this issue occurred rarely and with a low probability,\nand there is currently no known way of exploiting it. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. Additionally, a time based side-channel\nattack may allow a local attacker to recover a private DSA key. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. Description:\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7. \n\nThis release includes bug fixes and enhancements, as well as a new release\nof OpenSSL that addresses a number of outstanding security flaws. For\nfurther information, see the knowledge base article linked to in the\nReferences section. The JBoss server process must be restarted for the update\nto take effect. \n(CVE-2016-2108)\n\n* Multiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode\ndifferently from an HTTP proxy software in front of it, possibly leading to\nHTTP request smuggling attacks. (CVE-2015-3195)\n\n* A flaw was found in the way the TLS protocol composes the Diffie-Hellman\nexchange (for both export and non-export grade cipher suites). An attacker\ncould use this flaw to downgrade a DHE connection to use export-grade key\nsizes, which could then be broken by sufficient pre-computation. This can\nlead to a passive man-in-the-middle attack in which the attacker is able to\ndecrypt all traffic. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). (CVE-2016-2109)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:0722-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0722.html\nIssue date: 2016-05-09\nCVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 \n CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 \n CVE-2016-2842 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. \n(CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n* Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. \n(CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL\u0027s I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could be\nforced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno B\u00f6ck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.5.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0799\nhttps://access.redhat.com/security/cve/CVE-2016-2105\nhttps://access.redhat.com/security/cve/CVE-2016-2106\nhttps://access.redhat.com/security/cve/CVE-2016-2107\nhttps://access.redhat.com/security/cve/CVE-2016-2108\nhttps://access.redhat.com/security/cve/CVE-2016-2109\nhttps://access.redhat.com/security/cve/CVE-2016-2842\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXMFlTXlSAg2UNWIIRAhYAAJ0T9Ib2vXUa5te34i6fphHrbe0HlwCfePy5\nWjaK8x9OaI0FgbWyfxvwq6o=\n=jHjh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. ============================================================================\nUbuntu Security Notice USN-2959-1\nMay 03, 2016\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 15.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. (CVE-2016-2106)\n\nBrian Carpenter discovered that OpenSSL incorrectly handled memory when\nASN.1 data is read from a BIO. \n(CVE-2016-2109)\n\nAs a security improvement, this update also modifies OpenSSL behaviour to\nreject DH key sizes below 1024 bits, preventing a possible downgrade\nattack. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.1\n\nUbuntu 15.10:\n libssl1.0.0 1.0.2d-0ubuntu1.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.19\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.36\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2106"
},
{
"db": "BID",
"id": "89744"
},
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "PACKETSTORM",
"id": "138471"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136895"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2106",
"trust": 2.7
},
{
"db": "BID",
"id": "89744",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "136912",
"trust": 1.7
},
{
"db": "PULSESECURE",
"id": "SA40202",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1035721",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10160",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "BID",
"id": "91787",
"trust": 1.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2106",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138471",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139115",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136937",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136895",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "BID",
"id": "89744"
},
{
"db": "PACKETSTORM",
"id": "138471"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136895"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"id": "VAR-201605-0076",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43052093714285716
},
"last_update_date": "2024-07-23T20:02:36.076000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OpenSSL Fixes for integer overflow vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=61407"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/05/03/openssl_patches/"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162073 - security advisory"
},
{
"title": "Red Hat: CVE-2016-2106",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2106"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2959-1"
},
{
"title": "Debian Security Advisories: DSA-3566-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=055972eb84483959232c972f757685e0"
},
{
"title": "Amazon Linux AMI: ALAS-2016-695",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-695"
},
{
"title": "Tenable Security Advisories: [R5] OpenSSL \u002720160503\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-10"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162957 - security advisory"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-13"
},
{
"title": "Symantec Security Advisories: SA123 : OpenSSL Vulnerabilities 3-May-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=5d65f6765e60e5fe9e6998a5bde1aadc"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=01fd01e3d154696ffabfde89f4142310"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=83bbd91f8369c8f064e6d68dac68400f"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=0bd8c924b56aac98dda0f5b45f425f38"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-18"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2106 "
},
{
"title": "alpine-cvecheck",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/redhatsatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"trust": 2.0,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1650.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1648.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-2959-1"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"trust": 1.7,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1649.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05320149"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/89744"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/184605.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html"
},
{
"trust": 1.7,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:17.openssl.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183457.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html"
},
{
"trust": 1.7,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.542103"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1035721"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2016/dsa-3566"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183607.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa123"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20160504-0001/"
},
{
"trust": 1.7,
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2073.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2056.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=3f3582139fbb259a1c3cbb0a25236500a409bf26"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=3f3582139fbb259a1c3cbb0a25236500a409bf26"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331536"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2016/may/25"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024319"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987903"
},
{
"trust": 0.3,
"url": "https://support.asperasoft.com/hc/en-us/articles/229505687-security-bulletin-multiple-openssl-vulnerabilities-affect-ibm-aspera-shares-1-9-2-or-earlier-%20-ibm-aspera-console-3-0-6-or-earlier"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988007"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984323"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984609"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984794"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986068"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986123"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986152"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986260"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986563"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986564"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986669"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987671"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987968"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988055"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988071"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988189"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988350"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992493"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-3110"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5387"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/documentation/en-us/jboss_enterprise_web_server/2/html-single/installation_guide/index.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-5387"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/2.1/html/2.1.1_release_notes/index.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/documentation/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2016:2073"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2959-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49332"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=distributions\u0026version=2.1.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-2055.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3183"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3183"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/6.4/index.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2d-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.19"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.36"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "BID",
"id": "89744"
},
{
"db": "PACKETSTORM",
"id": "138471"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136895"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"db": "BID",
"id": "89744"
},
{
"db": "PACKETSTORM",
"id": "138471"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "138473"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136895"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
},
{
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"date": "2016-05-03T00:00:00",
"db": "BID",
"id": "89744"
},
{
"date": "2016-08-22T23:23:00",
"db": "PACKETSTORM",
"id": "138471"
},
{
"date": "2017-06-05T18:18:00",
"db": "PACKETSTORM",
"id": "142803"
},
{
"date": "2016-08-22T23:25:00",
"db": "PACKETSTORM",
"id": "138473"
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056"
},
{
"date": "2016-10-12T20:28:07",
"db": "PACKETSTORM",
"id": "139115"
},
{
"date": "2016-05-09T14:05:44",
"db": "PACKETSTORM",
"id": "136937"
},
{
"date": "2016-05-03T22:56:05",
"db": "PACKETSTORM",
"id": "136895"
},
{
"date": "2016-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-082"
},
{
"date": "2016-05-05T01:59:02.217000",
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2106"
},
{
"date": "2017-05-02T01:10:00",
"db": "BID",
"id": "89744"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-082"
},
{
"date": "2023-11-07T02:30:55.767000",
"db": "NVD",
"id": "CVE-2016-2106"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136895"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Integer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-082"
}
],
"trust": 0.6
}
}
VAR-201609-0347
Vulnerability from variot - Updated: 2024-07-23 20:02The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)
-
It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system. (CVE-2016-2178)
-
It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. (CVE-2016-2179)
-
A flaw was found in the Datagram TLS (DTLS) replay protection implementation in OpenSSL. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)
-
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code. (CVE-2016-2182)
-
A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.
-
An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets. (CVE-2016-6302)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. (CVE-2016-2180)
-
Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304 and CVE-2016-6306; and Karthikeyan Bhargavan (Inria) and GaA<<tan Leurent (Inria) as the original reporters of CVE-2016-2183.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
After installing the updated packages, the httpd daemon will be restarted automatically. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
CVE-2016-2178
Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
leak in the DSA code.
CVE-2016-2179 / CVE-2016-2181
Quan Luo and the OCAP audit team discovered denial of service
vulnerabilities in DTLS.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your openssl packages. ========================================================================== Ubuntu Security Notice USN-3087-1 September 22, 2016
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)
Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181)
Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182)
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183)
Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)
Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.4
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.20
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.37
After a standard system update you need to reboot your computer to make all the necessary changes. Description:
This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
JBCS-373 - Errata for httpd 2.4.29 GA RHEL 7
7
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0347",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solaris",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "11.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "(linux edition )"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v8.2 to v9.4"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v8.5"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.14"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3.1"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.11"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.9"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.5"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.8"
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.1"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.33"
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.8"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.3"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.11"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.7"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.8"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.3.0"
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.6"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.2"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.6"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.2"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.3.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.4"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.5"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.9"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.32"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.10"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.5"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.4"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.4"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.2.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.2"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.3"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.1"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.31"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.13"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.3"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.15"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
}
],
"sources": [
{
"db": "BID",
"id": "92628"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
},
{
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shi Lei.,The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
}
],
"trust": 0.6
},
"cve": "CVE-2016-6302",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6302",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6302",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6302",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-449",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-6302",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6302"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
},
{
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:1940-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date: 2016-09-27\nCVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that OpenSSL did not always use constant time\noperations when computing Digital Signature Algorithm (DSA) signatures. A\nlocal attacker could possibly use this flaw to obtain a private DSA key\nbelonging to another user or service running on the same system. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. \n(CVE-2016-2179)\n\n* A flaw was found in the Datagram TLS (DTLS) replay protection\nimplementation in OpenSSL. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. An attacker able to make an application using OpenSSL to process\na large BIGNUM could cause the application to crash or, possibly, execute\narbitrary code. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. A remote attacker could use this\nflaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for\nsession tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. (CVE-2016-2180)\n\n* Multiple out of bounds read flaws were found in the way OpenSSL handled\ncertain TLS/SSL protocol handshake messages. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. Upstream\nacknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter\nof CVE-2016-6304 and CVE-2016-6306; and Karthikeyan Bhargavan (Inria) and\nGaA\u003c\u003ctan Leurent (Inria) as the original reporters of CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). \n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. Additional information can be found at\n https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ \n\nCVE-2016-2178\n\n Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n leak in the DSA code. \n\nCVE-2016-2179 / CVE-2016-2181\n\n Quan Luo and the OCAP audit team discovered denial of service\n vulnerabilities in DTLS. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1t-1+deb8u4. \n\nFor the unstable distribution (sid), these problems will be fixed soon. \n\nWe recommend that you upgrade your openssl packages. ==========================================================================\nUbuntu Security Notice USN-3087-1\nSeptember 22, 2016\n\nopenssl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. This\nissue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n\nQuan Luo discovered that OpenSSL did not properly restrict the lifetime\nof queue entries in the DTLS implementation. (CVE-2016-2181)\n\nShi Lei discovered that OpenSSL incorrectly validated division results. \n(CVE-2016-2182)\n\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\nciphers were vulnerable to birthday attacks. \n(CVE-2016-2183)\n\nShi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n\nShi Lei discovered that OpenSSL incorrectly performed certain message\nlength checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.4\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.20\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.37\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. Description:\n\nThis release adds the new Apache HTTP Server 2.4.29 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer\nto the Release Notes for information on the most significant bug fixes,\nenhancements and component upgrades included in this release. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-373 - Errata for httpd 2.4.29 GA RHEL 7\n\n7",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6302"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"db": "BID",
"id": "92628"
},
{
"db": "VULMON",
"id": "CVE-2016-6302"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6302",
"trust": 3.4
},
{
"db": "BID",
"id": "92628",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1036885",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.7
},
{
"db": "PULSESECURE",
"id": "SA40312",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004781",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201608-449",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6302",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148521",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148525",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138820",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148524",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6302"
},
{
"db": "BID",
"id": "92628"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
},
{
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"id": "VAR-201609-0347",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37975769357142847
},
"last_update_date": "2024-07-23T20:02:01.581000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "Sanity check ticket length.",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=e97763c92c655dcf4af2860b3abd2bc4c8a267f9"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Linux Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "OpenSSL Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=63772"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182187 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182185 - security advisory"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20161940 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182186 - security advisory"
},
{
"title": "Red Hat: CVE-2016-6302",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-6302"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-6302"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-2"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-1"
},
{
"title": "Amazon Linux AMI: ALAS-2016-755",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-755"
},
{
"title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-23"
},
{
"title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-24"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-6302 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/holmes-py/reports-summary "
},
{
"title": "rhsecapi",
"trust": 0.1,
"url": "https://github.com/redhatofficial/rhsecapi "
},
{
"title": "alpine-cvecheck",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "cve-pylib",
"trust": 0.1,
"url": "https://github.com/redhatproductsecurity/cve-pylib "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6302"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/92628"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2187"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2186"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2185"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"trust": 1.7,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"trust": 1.7,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1036885"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=e97763c92c655dcf4af2860b3abd2bc4c8a267f9"
},
{
"trust": 0.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6302"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6302"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=e97763c92c655dcf4af2860b3abd2bc4c8a267f9"
},
{
"trust": 0.6,
"url": "https://www.openssl.org/news/vulnerabilities.html#y2017"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-6306"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2182"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-6302"
},
{
"trust": 0.3,
"url": "https://github.com/openssl/openssl/commit/1bbe48ab149893a78bf99c8eb8895c928900a16f"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369855"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3731"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7055"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3738"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3731"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3737"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3738"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3732"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-7055"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3737"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3736"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3736"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-6302"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3087-2/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2180"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2181"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2179"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-3087-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6302"
},
{
"db": "BID",
"id": "92628"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
},
{
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-6302"
},
{
"db": "BID",
"id": "92628"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
},
{
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6302"
},
{
"date": "2016-08-24T00:00:00",
"db": "BID",
"id": "92628"
},
{
"date": "2016-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"date": "2016-09-27T19:32:00",
"db": "PACKETSTORM",
"id": "138870"
},
{
"date": "2018-07-12T21:45:18",
"db": "PACKETSTORM",
"id": "148521"
},
{
"date": "2018-07-12T21:48:57",
"db": "PACKETSTORM",
"id": "148525"
},
{
"date": "2016-09-22T22:22:00",
"db": "PACKETSTORM",
"id": "138817"
},
{
"date": "2016-09-22T22:25:00",
"db": "PACKETSTORM",
"id": "138820"
},
{
"date": "2018-07-12T21:48:49",
"db": "PACKETSTORM",
"id": "148524"
},
{
"date": "2016-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-449"
},
{
"date": "2016-09-16T05:59:12.003000",
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6302"
},
{
"date": "2018-02-05T15:00:00",
"db": "BID",
"id": "92628"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004781"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-449"
},
{
"date": "2023-11-07T02:33:56.930000",
"db": "NVD",
"id": "CVE-2016-6302"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of ssl/t1_lib.c of tls_decrypt_ticket Denial of service in function (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004781"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-449"
}
],
"trust": 0.6
}
}
VAR-201701-1135
Vulnerability from variot - Updated: 2024-07-23 19:54NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero. The NTP.org reference implementation of ntpd contains multiple vulnerabilities. NTP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03750en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03750en_us Version: 1
HPESBHF03750 rev.1 - HPE Network Products including Comware 5, Comware 7 and VCX running NTP, Remote Denial of Service (DoS), Unauthorized Modification, Local Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-05-25 Last Updated: 2017-05-25
Potential Security Impact: Local: Denial of Service (DoS); Remote: Denial of Service (DoS), Unauthorized Modification
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5, Comware 7 and VCX.
- Comware v5 (CW5) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2015-7973
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)
CVE-2015-7974
3.1 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
2.1 (AV:N/AC:H/Au:S/C:N/I:P/A:N)
CVE-2015-7975
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)
CVE-2015-7979
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2015-8138
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVE-2015-8158
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates available to resolve the vulnerabilities in the Comware and VCX products running NTP.
COMWARE 5 Products
- A6600 (Comware 5) - Version: R3303P31
- HP Network Products
- JC165A HP 6600 RPE-X1 Router Module
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- HSR6602 (Comware 5) - Version: R3303P31
- HP Network Products
- JC176A HP 6602 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- HSR6800 (Comware 5) - Version: R3303P31
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR20 (Comware 5) - Version: R2516P06
- HP Network Products
- JD432A HP A-MSR20-21 Router
- JD662A HP MSR20-20 Router
- JD663A HP A-MSR20-21 Router
- JD663B HP MSR20-21 Router
- JD664A HP MSR20-40 Router
- JF228A HP MSR20-40 Router
- JF283A HP MSR20-20 Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR20-1X (Comware 5) - Version: R2516P06
- HP Network Products
- JD431A HP MSR20-10 Router
- JD667A HP MSR20-15 IW Multi-Service Router
- JD668A HP MSR20-13 Multi-Service Router
- JD669A HP MSR20-13 W Multi-Service Router
- JD670A HP MSR20-15 A Multi-Service Router
- JD671A HP MSR20-15 AW Multi-Service Router
- JD672A HP MSR20-15 I Multi-Service Router
- JD673A HP MSR20-11 Multi-Service Router
- JD674A HP MSR20-12 Multi-Service Router
- JD675A HP MSR20-12 W Multi-Service Router
- JD676A HP MSR20-12 T1 Multi-Service Router
- JF236A HP MSR20-15-I Router
- JF237A HP MSR20-15-A Router
- JF238A HP MSR20-15-I-W Router
- JF239A HP MSR20-11 Router
- JF240A HP MSR20-13 Router
- JF241A HP MSR20-12 Router
- JF806A HP MSR20-12-T Router
- JF807A HP MSR20-12-W Router
- JF808A HP MSR20-13-W Router
- JF809A HP MSR20-15-A-W Router
- JF817A HP MSR20-15 Router
- JG209A HP MSR20-12-T-W Router (NA)
- JG210A HP MSR20-13-W Router (NA)
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR 30 (Comware 5) - Version: R2516
- HP Network Products
- JD654A HP MSR30-60 POE Multi-Service Router
- JD657A HP MSR30-40 Multi-Service Router
- JD658A HP MSR30-60 Multi-Service Router
- JD660A HP MSR30-20 POE Multi-Service Router
- JD661A HP MSR30-40 POE Multi-Service Router
- JD666A HP MSR30-20 Multi-Service Router
- JF229A HP MSR30-40 Router
- JF230A HP MSR30-60 Router
- JF232A HP RTMSR3040-AC-OVSAS-H3
- JF235A HP MSR30-20 DC Router
- JF284A HP MSR30-20 Router
- JF287A HP MSR30-40 DC Router
- JF801A HP MSR30-60 DC Router
- JF802A HP MSR30-20 PoE Router
- JF803A HP MSR30-40 PoE Router
- JF804A HP MSR30-60 PoE Router
- JG728A HP MSR30-20 TAA-compliant DC Router
- JG729A HP MSR30-20 TAA-compliant Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR 30-16 (Comware 5) - Version: R2516P06
- HP Network Products
- JD659A HP MSR30-16 POE Multi-Service Router
- JD665A HP MSR30-16 Multi-Service Router
- JF233A HP MSR30-16 Router
- JF234A HP MSR30-16 PoE Router,
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR 30-1X (Comware 5) - Version: R2516P06
- HP Network Products
- JF800A HP MSR30-11 Router
- JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr
- JG182A HP MSR30-11E Router
- JG183A HP MSR30-11F Router
- JG184A HP MSR30-10 DC Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR 50 (Comware 5) - Version: R2516P06
- HP Network Products
- JD433A HP MSR50-40 Router
- JD653A HP MSR50 Processor Module
- JD655A HP MSR50-40 Multi-Service Router
- JD656A HP MSR50-60 Multi-Service Router
- JF231A HP MSR50-60 Router
- JF285A HP MSR50-40 DC Router
- JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR 50-G2 (Comware 5) - Version: R2516P06
- HP Network Products
- JD429A HP MSR50 G2 Processor Module
- JD429B HP MSR50 G2 Processor Module
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR 9XX (Comware 5) - Version: R2516P06
- HP Network Products
- JF812A HP MSR900 Router
- JF813A HP MSR920 Router
- JF814A HP MSR900-W Router
- JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr
- JG207A HP MSR900-W Router (NA)
- JG208A HP MSR920-W Router (NA)
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR 93X (Comware 5) - Version: R2516P06
- HP Network Products
- JG511A HP MSR930 Router
- JG511B HP MSR930 Router
- JG512A HP MSR930 Wireless Router
- JG513A HP MSR930 3G Router
- JG513B HP MSR930 3G Router
- JG514A HP MSR931 Router
- JG514B HP MSR931 Router
- JG515A HP MSR931 3G Router
- JG516A HP MSR933 Router
- JG517A HP MSR933 3G Router
- JG518A HP MSR935 Router
- JG518B HP MSR935 Router
- JG519A HP MSR935 Wireless Router
- JG520A HP MSR935 3G Router
- JG531A HP MSR931 Dual 3G Router
- JG531B HP MSR931 Dual 3G Router
- JG596A HP MSR930 4G LTE/3G CDMA Router
- JG597A HP MSR936 Wireless Router
- JG665A HP MSR930 4G LTE/3G WCDMA Global Router
- JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
- JH009A HP MSR931 Serial (TI) Router
- JH010A HP MSR933 G.SHDSL (TI) Router
- JH011A HP MSR935 ADSL2+ (TI) Router
- JH012A HP MSR930 Wireless 802.11n (NA) Router
- JH012B HP MSR930 Wireless 802.11n (NA) Router
- JH013A HP MSR935 Wireless 802.11n (NA) Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- MSR1000 (Comware 5) - Version: R2516P06
- HP Network Products
- JG732A HP MSR1003-8 AC Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 12500 (Comware 5) - Version: R1829P03
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JC808A HP 12500 TAA Main Processing Unit
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 9500E (Comware 5) - Version: R1829P03
- HP Network Products
- JC124A HP A9508 Switch Chassis
- JC124B HP 9505 Switch Chassis
- JC125A HP A9512 Switch Chassis
- JC125B HP 9512 Switch Chassis
- JC474A HP A9508-V Switch Chassis
- JC474B HP 9508-V Switch Chassis
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 10500 (Comware 5) - Version: R1210P03
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC614A HP 10500 Main Processing Unit
- JC748A HP 10512 Switch Chassis
- JG375A HP 10500 TAA-compliant Main Processing Unit
- JG820A HP 10504 TAA-compliant Switch Chassis
- JG821A HP 10508 TAA-compliant Switch Chassis
- JG822A HP 10508-V TAA-compliant Switch Chassis
- JG823A HP 10512 TAA-compliant Switch Chassis
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 7500 (Comware 5) - Version: R6710P03
- HP Network Products
- JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo
- JC697A HP 7502 TAA-compliant Main Processing Unit
- JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports
- JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports
- JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit
- JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit
- JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports
- JD194A HP 7500 384Gbps Fabric Module
- JD194B HP 7500 384Gbps Fabric Module
- JD195A HP 7500 384Gbps Advanced Fabric Module
- JD196A HP 7502 Fabric Module
- JD220A HP 7500 768Gbps Fabric Module
- JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports
- JD238A HP 7510 Switch Chassis
- JD238B HP 7510 Switch Chassis
- JD239A HP 7506 Switch Chassis
- JD239B HP 7506 Switch Chassis
- JD240A HP 7503 Switch Chassis
- JD240B HP 7503 Switch Chassis
- JD241A HP 7506-V Switch Chassis
- JD241B HP 7506-V Switch Chassis
- JD242A HP 7502 Switch Chassis
- JD242B HP 7502 Switch Chassis
- JD243A HP 7503-S Switch Chassis with 1 Fabric Slot
- JD243B HP 7503-S Switch Chassis with 1 Fabric Slot
- JE164A HP E7902 Switch Chassis
- JE165A HP E7903 Switch Chassis
- JE166A HP E7903 1 Fabric Slot Switch Chassis
- JE167A HP E7906 Switch Chassis
- JE168A HP E7906 Vertical Switch Chassis
- JE169A HP E7910 Switch Chassis
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 6125G/XG Blade Switch - Version: R2112P06
- HP Network Products
- 737220-B21 HP 6125G Blade Switch with TAA
- 737226-B21 HP 6125G/XG Blade Switch with TAA
- 658250-B21 HP 6125G/XG Blade Switch Opt Kit
- 658247-B21 HP 6125G Blade Switch Opt Kit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 5800 (Comware 5) - Version: R1810P07
- HP Network Products
- JC099A HP 5800-24G-PoE Switch
- JC099B HP 5800-24G-PoE+ Switch
- JC100A HP 5800-24G Switch
- JC100B HP 5800-24G Switch
- JC101A HP 5800-48G Switch with 2 Slots
- JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots
- JC103A HP 5800-24G-SFP Switch
- JC103B HP 5800-24G-SFP Switch with 1 Interface Slot
- JC104A HP 5800-48G-PoE Switch
- JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot
- JC105A HP 5800-48G Switch
- JC105B HP 5800-48G Switch with 1 Interface Slot
- JG254A HP 5800-24G-PoE+ TAA-compliant Switch
- JG254B HP 5800-24G-PoE+ TAA-compliant Switch
- JG255A HP 5800-24G TAA-compliant Switch
- JG255B HP 5800-24G TAA-compliant Switch
- JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot
- JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot
- JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot
- JG225A HP 5800AF-48G Switch
- JG225B HP 5800AF-48G Switch
- JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots
- JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface
- JG243A HP 5820-24XG-SFP+ TAA-compliant Switch
- JG243B HP 5820-24XG-SFP+ TAA-compliant Switch
- JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot
- JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot
- JC106A HP 5820-14XG-SFP+ Switch with 2 Slots
- JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot
- JG219A HP 5820AF-24XG Switch
- JG219B HP 5820AF-24XG Switch
- JC102A HP 5820-24XG-SFP+ Switch
- JC102B HP 5820-24XG-SFP+ Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 5500 HI (Comware 5) - Version: R5501P28
- HP Network Products
- JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots
- JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots
- JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots
- JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots
- JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots
- JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 5500 EI (Comware 5) - Version: R2221P30
- HP Network Products
- JD373A HP 5500-24G DC EI Switch
- JD374A HP 5500-24G-SFP EI Switch
- JD375A HP 5500-48G EI Switch
- JD376A HP 5500-48G-PoE EI Switch
- JD377A HP 5500-24G EI Switch
- JD378A HP 5500-24G-PoE EI Switch
- JD379A HP 5500-24G-SFP DC EI Switch
- JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots
- JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots
- JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface
- JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots
- JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots
- JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 4800G (Comware 5) - Version: R2221P30
- HP Network Products
- JD007A HP 4800-24G Switch
- JD008A HP 4800-24G-PoE Switch
- JD009A HP 4800-24G-SFP Switch
- JD010A HP 4800-48G Switch
- JD011A HP 4800-48G-PoE Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 5500SI (Comware 5) - Version: R2221P30
- HP Network Products
- JD369A HP 5500-24G SI Switch
- JD370A HP 5500-48G SI Switch
- JD371A HP 5500-24G-PoE SI Switch
- JD372A HP 5500-48G-PoE SI Switch
- JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots
- JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 4500G (Comware 5) - Version: R2221P30
- HP Network Products
- JF428A HP 4510-48G Switch
- JF847A HP 4510-24G Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 5120 EI (Comware 5) - Version: R2221P30
- HP Network Products
- JE066A HP 5120-24G EI Switch
- JE067A HP 5120-48G EI Switch
- JE068A HP 5120-24G EI Switch with 2 Interface Slots
- JE069A HP 5120-48G EI Switch with 2 Interface Slots
- JE070A HP 5120-24G-PoE EI 2-slot Switch
- JE071A HP 5120-48G-PoE EI 2-slot Switch
- JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots
- JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots
- JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots
- JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots
- JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots
- JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 4210G (Comware 5) - Version: R2221P30
- HP Network Products
- JF844A HP 4210-24G Switch
- JF845A HP 4210-48G Switch
- JF846A HP 4210-24G-PoE Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 5120 SI (Comware 5) - Version: R1518P03
- HP Network Products
- JE072A HP 5120-48G SI Switch
- JE072B HPE 5120 48G SI Switch
- JE073A HP 5120-16G SI Switch
- JE073B HPE 5120 16G SI Switch
- JE074A HP 5120-24G SI Switch
- JE074B HPE 5120 24G SI Switch
- JG091A HP 5120-24G-PoE+ (370W) SI Switch
- JG091B HPE 5120 24G PoE+ (370W) SI Switch
- JG092A HP 5120-24G-PoE+ (170W) SI Switch
- JG309B HPE 5120 8G PoE+ (180W) SI Switch
- JG310B HPE 5120 8G PoE+ (65W) SI Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 3610 (Comware 5) - Version: R5319P16
- HP Network Products
- JD335A HP 3610-48 Switch
- JD336A HP 3610-24-4G-SFP Switch
- JD337A HP 3610-24-2G-2G-SFP Switch
- JD338A HP 3610-24-SFP Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 3600V2 (Comware 5) - Version: R2111P04
- HP Network Products
- JG299A HP 3600-24 v2 EI Switch
- JG299B HP 3600-24 v2 EI Switch
- JG300A HP 3600-48 v2 EI Switch
- JG300B HP 3600-48 v2 EI Switch
- JG301A HP 3600-24-PoE+ v2 EI Switch
- JG301B HP 3600-24-PoE+ v2 EI Switch
- JG301C HP 3600-24-PoE+ v2 EI Switch
- JG302A HP 3600-48-PoE+ v2 EI Switch
- JG302B HP 3600-48-PoE+ v2 EI Switch
- JG302C HP 3600-48-PoE+ v2 EI Switch
- JG303A HP 3600-24-SFP v2 EI Switch
- JG303B HP 3600-24-SFP v2 EI Switch
- JG304A HP 3600-24 v2 SI Switch
- JG304B HP 3600-24 v2 SI Switch
- JG305A HP 3600-48 v2 SI Switch
- JG305B HP 3600-48 v2 SI Switch
- JG306A HP 3600-24-PoE+ v2 SI Switch
- JG306B HP 3600-24-PoE+ v2 SI Switch
- JG306C HP 3600-24-PoE+ v2 SI Switch
- JG307A HP 3600-48-PoE+ v2 SI Switch
- JG307B HP 3600-48-PoE+ v2 SI Switch
- JG307C HP 3600-48-PoE+ v2 SI Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 3100V2 (Comware 5) - Version: R5213P03
- HP Network Products
- JD313B HPE 3100 24 PoE v2 EI Switch
- JD318B HPE 3100 8 v2 EI Switch
- JD319B HPE 3100 16 v2 EI Switch
- JD320B HPE 3100 24 v2 EI Switch
- JG221A HPE 3100 8 v2 SI Switch
- JG222A HPE 3100 16 v2 SI Switch
- JG223A HPE 3100 24 v2 SI Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- HP870 (Comware 5) - Version: R2607P55
- HP Network Products
- JG723A HP 870 Unified Wired-WLAN Appliance
- JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- HP850 (Comware 5) - Version: R2607P55
- HP Network Products
- JG722A HP 850 Unified Wired-WLAN Appliance
- JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- HP830 (Comware 5) - Version: R3507P55
- HP Network Products
- JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch
- JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch
- JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch
- JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- HP6000 (Comware 5) - Version: R2507P55
- HP Network Products
- JG639A HP 10500/7500 20G Unified Wired-WLAN Module
- JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- WX5004-EI (Comware 5) - Version: R2507P55
- HP Network Products
- JD447B HP WX5002 Access Controller
- JD448A HP WX5004 Access Controller
- JD448B HP WX5004 Access Controller
- JD469A HP WX5004 Access Controller
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- SecBlade FW (Comware 5) - Version: R3181P09
- HP Network Products
- JC635A HP 12500 VPN Firewall Module
- JD245A HP 9500 VPN Firewall Module
- JD249A HP 10500/7500 Advanced VPN Firewall Module
- JD250A HP 6600 Firewall Processing Router Module
- JD251A HP 8800 Firewall Processing Module
- JD255A HP 5820 VPN Firewall Module
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- F1000-E (Comware 5) - Version: TBD still fixing
- HP Network Products
- JD272A HP F1000-E VPN Firewall Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- F1000-A-EI (Comware 5) - Version: TBD still fixing
- HP Network Products
- JG214A HP F1000-A-EI VPN Firewall Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- F1000-S-EI (Comware 5) - Version: TBD still fixing
- HP Network Products
- JG213A HP F1000-S-EI VPN Firewall Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- F1000-A-EI/F1000-S-EI - Version: R3734P10
- HP Network Products
- JD272A HP F1000-E VPN Firewall Appliance
- JG214A HP F1000-A-EI VPN Firewall Appliance
- JG213A HP F1000-S-EI VPN Firewall Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- F5000-A (Comware 5) - Version: F3210P27
- HP Network Products
- JD259A HP A5000-A5 VPN Firewall Chassis
- JG215A HP F5000 Firewall Main Processing Unit
- JG216A HP F5000 Firewall Standalone Chassis
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- U200S and CS (Comware 5) - Version: F5123P34
- HP Network Products
- JD273A HP U200-S UTM Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- U200A and M (Comware 5) - Version: F5123P34
- HP Network Products
- JD275A HP U200-A UTM Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- F5000-C/S (Comware 5) - Version: TBD still fixing
- HP Network Products
- JG650A HP F5000-C VPN Firewall Appliance
- JG370A HP F5000-S VPN Firewall Appliance
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- SecBlade III (Comware 5) - Version: TBD still fixing
- HP Network Products
- JG371A HP 12500 20Gbps VPN Firewall Module
- JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P31
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JC566A HP 6600 RSE-X1 Router Main Processing Unit
- JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P31
- HP Network Products
- JC165A HP 6600 RPE-X1 Router Module
- JC177A HP 6608 Router
- JC177B HPE FlexNetwork 6608 Router Chassis
- JC178A HPE FlexNetwork 6604 Router Chassis
- JC178B HPE FlexNetwork 6604 Router Chassis
- JC496A HPE FlexNetwork 6616 Router Chassis
- JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- 6602 RU (Comware 5 Low Encryption SW) - Version: R3303P31
- HP Network Products
- JC176A HP 6602 Router Chassis
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P31
- HP Network Products
- JC177A HP 6608 Router
- JC177B HP 6608 Router Chassis
- JC178A HP 6604 Router Chassis
- JC178B HP 6604 Router Chassis
- JC496A HP 6616 Router Chassis
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG355A HP 6600 MCP-X1 Router Main Processing Unit
- JG356A HP 6600 MCP-X2 Router Main Processing Unit
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P31
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- SMB1910 (Comware 5) - Version: R1115
- HP Network Products
- JG540A HP 1910-48 Switch
- JG539A HP 1910-24-PoE+ Switch
- JG538A HP 1910-24 Switch
- JG537A HP 1910-8 -PoE+ Switch
- JG536A HP 1910-8 Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- SMB1920 (Comware 5) - Version: R1114
- HP Network Products
- JG928A HP 1920-48G-PoE+ (370W) Switch
- JG927A HP 1920-48G Switch
- JG926A HP 1920-24G-PoE+ (370W) Switch
- JG925A HP 1920-24G-PoE+ (180W) Switch
- JG924A HP 1920-24G Switch
- JG923A HP 1920-16G Switch
- JG922A HP 1920-8G-PoE+ (180W) Switch
- JG921A HP 1920-8G-PoE+ (65W) Switch
- JG920A HP 1920-8G Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- V1910 (Comware 5) - Version: R1518P03
- HP Network Products
- JE005A HP 1910-16G Switch
- JE006A HP 1910-24G Switch
- JE007A HP 1910-24G-PoE (365W) Switch
- JE008A HP 1910-24G-PoE(170W) Switch
- JE009A HP 1910-48G Switch
- JG348A HP 1910-8G Switch
- JG349A HP 1910-8G-PoE+ (65W) Switch
- JG350A HP 1910-8G-PoE+ (180W) Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- SMB 1620 (Comware 5) - Version: R1112
- HP Network Products
- JG914A HP 1620-48G Switch
- JG913A HP 1620-24G Switch
- JG912A HP 1620-8G Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- NJ5000 - Version: R1108
- HP Network Products
- JH237A HPE FlexNetwork NJ5000 5G PoE+ Walljack
- CVEs
- CVE-2015-7973
- CVE-2015-7974
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P02
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 10500 (Comware 7) - Version: R7184
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 5900 (Comware 7) - Version: R2422P02
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- MSR1000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- MSR2000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- MSR3000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- MSR4000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- VSR (Comware 7) - Version: E0324
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 7900 (Comware 7) - Version: R2152
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 5130 (Comware 7) - Version: R3115P01
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 6125XLG - Version: R2422P02
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 6127XLG - Version: R2422P02
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- Moonshot - Version: R2422P02
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 5700 (Comware 7) - Version: R2422P02
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 5930 (Comware 7) - Version: R2422P02
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- HSR6600 (Comware 7) - Version: R7103P09
- HP Network Products
- JG353A HP HSR6602-G Router
- JG354A HP HSR6602-XG Router
- JG776A HP HSR6602-G TAA-compliant Router
- JG777A HP HSR6602-XG TAA-compliant Router
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- HSR6800 (Comware 7) - Version: R7103P10
- HP Network Products
- JG361A HP HSR6802 Router Chassis
- JG361B HP HSR6802 Router Chassis
- JG362A HP HSR6804 Router Chassis
- JG362B HP HSR6804 Router Chassis
- JG363A HP HSR6808 Router Chassis
- JG363B HP HSR6808 Router Chassis
- JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
- JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing
- JH075A HP HSR6800 RSE-X3 Router Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 1950 (Comware 7) - Version: R3115P01
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 7500 (Comware 7) - Version: R7184
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 5510HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 5130HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 5940 - Version: R2508
- HP Network Products
- JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch
- JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch
- JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch
- JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch
- JH396A HPE FlexFabric 5940 32QSFP+ Switch
- JH397A HPE FlexFabric 5940 2-slot Switch
- JH398A HPE FlexFabric 5940 4-slot Switch
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
- 12900E (Comware 7) - Version: R2609
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2015-7973
- CVE-2015-7974
- CVE-2015-7979
- CVE-2015-8138
VCX Products
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2015-7975
- CVE-2015-8158
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 25 May 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Gentoo Linux Security Advisory GLSA 201607-15
https://security.gentoo.org/
Severity: Normal Title: NTP: Multiple vulnerabilities Date: July 20, 2016 Bugs: #563774, #572452, #581528, #584954 ID: 201607-15
Synopsis
Multiple vulnerabilities have been found in NTP, the worst of which could lead to Denial of Service. Please review the CVE identifiers referenced below for details.
Resolution
All NTP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.8_p8"
References
[ 1 ] CVE-2015-7691 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7691 [ 2 ] CVE-2015-7692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7692 [ 3 ] CVE-2015-7701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7701 [ 4 ] CVE-2015-7702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7702 [ 5 ] CVE-2015-7703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7703 [ 6 ] CVE-2015-7704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7704 [ 7 ] CVE-2015-7705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7705 [ 8 ] CVE-2015-7848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848 [ 9 ] CVE-2015-7849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7849 [ 10 ] CVE-2015-7850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7850 [ 11 ] CVE-2015-7851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7851 [ 12 ] CVE-2015-7852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7852 [ 13 ] CVE-2015-7853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7853 [ 14 ] CVE-2015-7854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7854 [ 15 ] CVE-2015-7855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7855 [ 16 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871 [ 17 ] CVE-2015-7973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7973 [ 18 ] CVE-2015-7974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7974 [ 19 ] CVE-2015-7975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7975 [ 20 ] CVE-2015-7976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7976 [ 21 ] CVE-2015-7977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7977 [ 22 ] CVE-2015-7978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7978 [ 23 ] CVE-2015-7979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7979 [ 24 ] CVE-2015-8138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8138 [ 25 ] CVE-2015-8139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8139 [ 26 ] CVE-2015-8140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8140 [ 27 ] CVE-2015-8158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8158 [ 28 ] CVE-2016-1547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547 [ 29 ] CVE-2016-1548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548 [ 30 ] CVE-2016-1549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549 [ 31 ] CVE-2016-1550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550 [ 32 ] CVE-2016-1551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1551 [ 33 ] CVE-2016-2516 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2516 [ 34 ] CVE-2016-2517 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2517 [ 35 ] CVE-2016-2518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2518 [ 36 ] CVE-2016-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2519 [ 37 ] CVE-2016-4953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4953 [ 38 ] CVE-2016-4954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4954 [ 39 ] CVE-2016-4955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4955 [ 40 ] CVE-2016-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4956 [ 41 ] CVE-2016-4957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4957
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201607-15
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: ntp security update Advisory ID: RHSA-2016:0063-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0063.html Issue date: 2016-01-25 CVE Names: CVE-2015-8138 =====================================================================
- Summary:
Updated ntp packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
- Description:
The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source.
It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client. (CVE-2015-8138)
All ntp users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the ntpd daemon will restart automatically.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1299442 - CVE-2015-8138 ntp: missing check for zero originate timestamp
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ntp-4.2.6p5-5.el6_7.4.src.rpm
i386: ntp-4.2.6p5-5.el6_7.4.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm ntpdate-4.2.6p5-5.el6_7.4.i686.rpm
x86_64: ntp-4.2.6p5-5.el6_7.4.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.4.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: ntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm ntp-perl-4.2.6p5-5.el6_7.4.i686.rpm
noarch: ntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.4.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ntp-4.2.6p5-5.el6_7.4.src.rpm
x86_64: ntp-4.2.6p5-5.el6_7.4.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.4.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
noarch: ntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ntp-4.2.6p5-5.el6_7.4.src.rpm
i386: ntp-4.2.6p5-5.el6_7.4.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm ntpdate-4.2.6p5-5.el6_7.4.i686.rpm
ppc64: ntp-4.2.6p5-5.el6_7.4.ppc64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.ppc64.rpm ntpdate-4.2.6p5-5.el6_7.4.ppc64.rpm
s390x: ntp-4.2.6p5-5.el6_7.4.s390x.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.s390x.rpm ntpdate-4.2.6p5-5.el6_7.4.s390x.rpm
x86_64: ntp-4.2.6p5-5.el6_7.4.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: ntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm ntp-perl-4.2.6p5-5.el6_7.4.i686.rpm
noarch: ntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm
ppc64: ntp-debuginfo-4.2.6p5-5.el6_7.4.ppc64.rpm ntp-perl-4.2.6p5-5.el6_7.4.ppc64.rpm
s390x: ntp-debuginfo-4.2.6p5-5.el6_7.4.s390x.rpm ntp-perl-4.2.6p5-5.el6_7.4.s390x.rpm
x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ntp-4.2.6p5-5.el6_7.4.src.rpm
i386: ntp-4.2.6p5-5.el6_7.4.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm ntpdate-4.2.6p5-5.el6_7.4.i686.rpm
x86_64: ntp-4.2.6p5-5.el6_7.4.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: ntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm ntp-perl-4.2.6p5-5.el6_7.4.i686.rpm
noarch: ntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.4.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: ntp-4.2.6p5-22.el7_2.1.src.rpm
x86_64: ntp-4.2.6p5-22.el7_2.1.x86_64.rpm ntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm ntpdate-4.2.6p5-22.el7_2.1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: ntp-doc-4.2.6p5-22.el7_2.1.noarch.rpm ntp-perl-4.2.6p5-22.el7_2.1.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm sntp-4.2.6p5-22.el7_2.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: ntp-4.2.6p5-22.el7_2.1.src.rpm
x86_64: ntp-4.2.6p5-22.el7_2.1.x86_64.rpm ntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm ntpdate-4.2.6p5-22.el7_2.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch: ntp-doc-4.2.6p5-22.el7_2.1.noarch.rpm ntp-perl-4.2.6p5-22.el7_2.1.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm sntp-4.2.6p5-22.el7_2.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: ntp-4.2.6p5-22.el7_2.1.src.rpm
ppc64: ntp-4.2.6p5-22.el7_2.1.ppc64.rpm ntp-debuginfo-4.2.6p5-22.el7_2.1.ppc64.rpm ntpdate-4.2.6p5-22.el7_2.1.ppc64.rpm
ppc64le: ntp-4.2.6p5-22.el7_2.1.ppc64le.rpm ntp-debuginfo-4.2.6p5-22.el7_2.1.ppc64le.rpm ntpdate-4.2.6p5-22.el7_2.1.ppc64le.rpm
s390x: ntp-4.2.6p5-22.el7_2.1.s390x.rpm ntp-debuginfo-4.2.6p5-22.el7_2.1.s390x.rpm ntpdate-4.2.6p5-22.el7_2.1.s390x.rpm
x86_64: ntp-4.2.6p5-22.el7_2.1.x86_64.rpm ntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm ntpdate-4.2.6p5-22.el7_2.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: ntp-doc-4.2.6p5-22.el7_2.1.noarch.rpm ntp-perl-4.2.6p5-22.el7_2.1.noarch.rpm
ppc64: ntp-debuginfo-4.2.6p5-22.el7_2.1.ppc64.rpm sntp-4.2.6p5-22.el7_2.1.ppc64.rpm
ppc64le: ntp-debuginfo-4.2.6p5-22.el7_2.1.ppc64le.rpm sntp-4.2.6p5-22.el7_2.1.ppc64le.rpm
s390x: ntp-debuginfo-4.2.6p5-22.el7_2.1.s390x.rpm sntp-4.2.6p5-22.el7_2.1.s390x.rpm
x86_64: ntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm sntp-4.2.6p5-22.el7_2.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: ntp-4.2.6p5-22.el7_2.1.src.rpm
x86_64: ntp-4.2.6p5-22.el7_2.1.x86_64.rpm ntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm ntpdate-4.2.6p5-22.el7_2.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch: ntp-doc-4.2.6p5-22.el7_2.1.noarch.rpm ntp-perl-4.2.6p5-22.el7_2.1.noarch.rpm
x86_64: ntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm sntp-4.2.6p5-22.el7_2.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-8138 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWpijmXlSAg2UNWIIRAlKDAJ9cuPIz/2ne6I5rsDoKlg2rFxFKlQCbBhEi h+3u/C5uuGO6PsIJukpD32I= =Osu4 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p7-i486-1_slack14.1.txz: Upgraded. This release patches several low and medium severity security issues: CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering CVE-2016-1549: Sybil vulnerability: ephemeral association attack, AKA: ntp-sybil - MITIGATION ONLY CVE-2016-2516: Duplicate IPs on unconfig directives will cause an assertion botch CVE-2016-2517: Remote configuration trustedkey/requestkey values are not properly validated CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with MATCH_ASSOC CVE-2016-2519: ctl_getitem() return value not always checked CVE-2016-1547: Validate crypto-NAKs, AKA: nak-dos CVE-2016-1548: Interleave-pivot - MITIGATION ONLY CVE-2015-7704: KoD fix: peer associations were broken by the fix for NtpBug2901, AKA: Symmetric active/passive mode is broken CVE-2015-8138: Zero Origin Timestamp Bypass, AKA: Additional KoD Checks CVE-2016-1550: Improve NTP security against buffer comparison timing attacks, authdecrypt-timing, AKA: authdecrypt-timing For more information, see: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2516 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2519 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p7-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p7-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p7-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p7-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p7-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p7-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p7-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p7-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p7-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 785dc2ef5f80edb28dc781e261c3fe3f ntp-4.2.8p7-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 899421096b7b63e6cb269f8b01dfd875 ntp-4.2.8p7-x86_64-1_slack13.0.txz
Slackware 13.1 package: dfd34cbd31be3572a2bcae7f59cdfd91 ntp-4.2.8p7-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 63c4b31736040e7950361cd0d7081c8b ntp-4.2.8p7-x86_64-1_slack13.1.txz
Slackware 13.37 package: e760ae0c6cc3fa933e4d65d6995b0c84 ntp-4.2.8p7-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: aa448523b27bb4fcccc2f46cf4d72bc5 ntp-4.2.8p7-x86_64-1_slack13.37.txz
Slackware 14.0 package: 3bc7e54a4164a4f91be996b5cf2e643e ntp-4.2.8p7-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 0f6ea4dae476709f26f5d0e33378576c ntp-4.2.8p7-x86_64-1_slack14.0.txz
Slackware 14.1 package: dbe827ee7ece6ce5ca083cdd5960162c ntp-4.2.8p7-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 89f3edf183a6a9847d69b8349f98c901 ntp-4.2.8p7-x86_64-1_slack14.1.txz
Slackware -current package: 4018b86edd15e40e8c5e9f50d907dcff n/ntp-4.2.8p7-i586-1.txz
Slackware x86_64 -current package: 7dd6b64ba8c9fdaebb7becc1f5c3963d n/ntp-4.2.8p7-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg ntp-4.2.8p7-i486-1_slack14.1.txz
Then, restart the NTP daemon:
sh /etc/rc.d/rc.ntpd restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
References:
- CVE-2015-7973 - ntp
- CVE-2015-7974 - ntp
- CVE-2015-7975 - ntp
- CVE-2015-7979 - ntp
- CVE-2015-8138 - ntp
- CVE-2015-8158 - ntp
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
CVE-2015-8138
Matthew van Gundy and Jonathan Gardner discovered that missing
validation of origin timestamps in ntpd clients may result in denial
of service.
CVE-2015-8158
Jonathan Gardner discovered that missing input sanitising in ntpq
may result in denial of service.
CVE-2016-1547
Stephen Gray and Matthew van Gundy discovered that incorrect handling
of crypto NAK packets my result in denial of service.
CVE-2016-1548
Jonathan Gardner and Miroslav Lichvar discovered that ntpd clients
could be forced to change from basic client/server mode to interleaved
symmetric mode, preventing time synchronisation.
CVE-2016-1550
Matthew van Gundy, Stephen Gray and Loganaden Velvindron discovered
that timing leaks in the the packet authentication code could result
in recovery of a message digest.
CVE-2016-2516
Yihan Lian discovered that duplicate IPs on "unconfig" directives will
trigger an assert.
CVE-2016-2518
Yihan Lian discovered that an OOB memory access could potentially
crash ntpd.
For the stable distribution (jessie), these problems have been fixed in version 1:4.2.6.p5+dfsg-7+deb8u2.
For the testing distribution (stretch), these problems have been fixed in version 1:4.2.8p7+dfsg-1.
For the unstable distribution (sid), these problems have been fixed in version 1:4.2.8p7+dfsg-1.
We recommend that you upgrade your ntp packages. Corrected: 2016-01-22 15:55:21 UTC (stable/10, 10.2-STABLE) 2016-01-27 07:41:31 UTC (releng/10.2, 10.2-RELEASE-p11) 2016-01-27 07:41:31 UTC (releng/10.1, 10.1-RELEASE-p28) 2016-01-22 15:56:35 UTC (stable/9, 9.3-STABLE) 2016-01-27 07:42:11 UTC (releng/9.3, 9.3-RELEASE-p35) CVE Name: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8139, CVE-2015-8140, CVE-2015-8158
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
II. Problem Description
Multiple vulnerabilities have been discovered in ntp 4.2.8p5:
Potential Infinite Loop in ntpq. [CVE-2015-8138]
Off-path Denial of Service (DoS) attack on authenticated broadcast mode. [CVE-2015-7979]
Stack exhaustion in recursive traversal of restriction list. [CVE-2015-7978]
reslist NULL pointer dereference. [CVE-2015-7977]
ntpq saveconfig command allows dangerous characters in filenames. [CVE-2015-7976]
nextvar() missing length check. [CVE-2015-7975]
Skeleton Key: Missing key check allows impersonation between authenticated peers. [CVE-2015-7974]
Deja Vu: Replay attack on authenticated broadcast mode. [CVE-2015-7973]
ntpq vulnerable to replay attacks. [CVE-2015-8140]
Origin Leak: ntpq and ntpdc, disclose origin. [CVE-2015-8139]
III. Impact
A malicious NTP server, or an attacker who can conduct MITM attack by intercepting NTP query traffic, may be able to cause a ntpq client to infinitely loop. [CVE-2015-8158]
A malicious NTP server, or an attacker who can conduct MITM attack by intercepting NTP query traffic, may be able to prevent a ntpd(8) daemon to distinguish between legitimate peer responses from forgeries. This can partially be mitigated by configuring multiple time sources. [CVE-2015-8138]
An off-path attacker who can send broadcast packets with bad authentication (wrong key, mismatched key, incorrect MAC, etc) to broadcast clients can cause these clients to tear down associations. [CVE-2015-7979]
An attacker who can send unauthenticated 'reslist' command to a NTP server may cause it to crash, resulting in a denial of service condition due to stack exhaustion [CVE-2015-7978] or a NULL pointer dereference [CVE-2015-7977].
An attacker who can send 'modify' requests to a NTP server may be able to create file that contain dangerous characters in their name, which could cause dangerous behavior in a later shell invocation. [CVE-2015-7976]
A remote attacker may be able to crash a ntpq client. [CVE-2015-7975]
A malicious server which holds a trusted key may be able to impersonate other trusted servers in an authenticated configuration. [CVE-2015-7974]
A man-in-the-middle attacker or a malicious participant that has the same trusted keys as the victim can replay time packets if the NTP network is configured for broadcast operations. [CVE-2015-7973]
The ntpq protocol is vulnerable to replay attacks which may be used to e.g. re-establish an association to malicious server. [CVE-2015-8140]
An attacker who can intercept NTP traffic can easily forge live server responses. [CVE-2015-8139]
IV. Workaround
No workaround is available, but systems not running ntpd(8) are not affected. Network administrators are advised to implement BCP-38, which helps to reduce risk associated with the attacks.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. A reboot is recommended but not required.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
The ntpd service has to be restarted after the update. A reboot is recommended but not required.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch https://security.FreeBSD.org/patches/SA-16:09/ntp.patch
fetch https://security.FreeBSD.org/patches/SA-16:09/ntp.patch.asc
gpg --verify ntp.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/9/ r294570 releng/9.3/ r294905 stable/10/ r294569 releng/10.1/ r294904 releng/10.2/ r294904
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-1135",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ntp",
"scope": "eq",
"trust": 1.9,
"vendor": "ntp",
"version": "4.3.25"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.22"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.29"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.20"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.23"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.21"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.24"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.26"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.27"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.3.28"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.3,
"vendor": "ntp",
"version": "4.3.77"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.3,
"vendor": "ntp",
"version": "4.3.70"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.36"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.71"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.56"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.65"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.51"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.13"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.48"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.81"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.63"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.16"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.12"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.74"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.80"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.50"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.8"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.87"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.62"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.54"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.78"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.73"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.5"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.6"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.49"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.4"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.89"
},
{
"model": "ntp",
"scope": "lte",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.8"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.46"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.14"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.82"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.1"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.3"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.75"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.34"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.67"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.11"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.32"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.41"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.31"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.52"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.18"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.88"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.33"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.2"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.83"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.84"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.44"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.45"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.59"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.39"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.64"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.57"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.85"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.43"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.0"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.86"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.53"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.7"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.55"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.35"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.10"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.38"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.40"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.42"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.69"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.60"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.79"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.66"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.72"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.61"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.47"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.30"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.68"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.15"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.37"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.19"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.76"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.58"
},
{
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.17"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ntp",
"version": null
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": "4.2.8p6"
},
{
"model": "ntp",
"scope": "lt",
"trust": 0.8,
"vendor": "ntp",
"version": "4.3.x"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": null
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": "4.3.90"
},
{
"model": "junos 15.1f6-s4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.211"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "junos 14.2r7-s6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "junos 14.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "4.2.8p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "junos 14.1r8-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.24"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "junos 15.1f3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3210"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "p7-rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.219"
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 14.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 14.1r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 16.2r1-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.22"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "junos 14.1r3-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.7"
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 14.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "4.2.8p3",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "scos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 14.1r4-s7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 14.2r4-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d55",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1r5-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii for flex systems 1aoo74f-5.80",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "junos 15.1r6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1f2-s16",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.44"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.6"
},
{
"model": "10.2-release-p11",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 16.1r3-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wap371 wireless access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.2"
},
{
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 17.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x53-d70",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 16.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.42"
},
{
"model": "junos 14.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 16.1r4-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sentinel",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "physical access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.08"
},
{
"model": "junos 12.3x48-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.2.0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "junos 14.2r6.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.08"
},
{
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.3"
},
{
"model": "video delivery system recorder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.213"
},
{
"model": "ntpd",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3"
},
{
"model": "communications session border controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.0"
},
{
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "integrated management module ii for flex systems 1aoo",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "4.2.5p186",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.22"
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "4.2.5p3",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.2"
},
{
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.00"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.46"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.3"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.26"
},
{
"model": "junos 15.1r4-s7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "4.2.8p5",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "4.2.7p111",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.32"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.34"
},
{
"model": "junos 15.1f2-s5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii for system 1aoo",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x"
},
{
"model": "junos 15.1f5-s7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.0"
},
{
"model": "junos 12.3x48-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ntp",
"scope": "ne",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3.90"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.21"
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1210"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "junos 14.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 17.2r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.33"
},
{
"model": "10.1-release-p28",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.31"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.218"
},
{
"model": "websphere datapower xc10 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "4.2.7p366",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "p4",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "junos 14.2r6-s4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "junos 14.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.3"
},
{
"model": "junos 14.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.214"
},
{
"model": "9.3-release-p21",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.3x48-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.19"
},
{
"model": "junos 12.3x48-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p35",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 15.1f7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "integrated management module ii for bladecenter 1aoo74f-5.80",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"model": "p153",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.5"
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.113"
},
{
"model": "network device security assessment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "junos 14.1r6-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii for bladecenter 1aoo",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3x48-d45",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1f4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.110"
},
{
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "junos 15.1f5-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.21"
},
{
"model": "junos 15.1x53-d64",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.36"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 16.1r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 14.2r3-s4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1f6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "qlogic virtual fabric extension module for ibm bladecenter",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3.16.00"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.3"
},
{
"model": "unified computing system e-series blade server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.0"
},
{
"model": "junos 14.2r2.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1f1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "p74",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.5"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.8"
},
{
"model": "integrated management module ii for system 1aoo74f-5.80",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "x"
},
{
"model": "4.2.8p2",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 15.1f5-s5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "management heartbeat server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.09"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.17"
},
{
"model": "p6",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "p7",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "4.2.0.a",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.3"
},
{
"model": "smartcloud entry appliance fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.01"
},
{
"model": "junos 14.1r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.1.2"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "p5",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "junos 12.3x48-d30.7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.09"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 14.1r3-s9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "4.2.8p4",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 17.2r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "qlogic virtual fabric extension module for ibm bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "4.2.7p11",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "smartcloud entry jre update",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.34"
},
{
"model": "junos 15.1f2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "p150",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.5"
},
{
"model": "junos 15.1f2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d80",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "10.2-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 14.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1f5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.010"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fixpac",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "p8",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 12.3x48-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 14.1r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "support central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 15.1f4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 14.1r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "small business series wireless access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 15.1f6-s5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "p4",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.2"
},
{
"model": "junos 15.1x53-d231",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "prime service catalog virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.3x48-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 14.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "junos 15.1f2-s14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 14.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "4.2.8p1",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "qlogic 8gb intelligent pass-thru module and san switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.10.1.38.00"
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "qlogic 8gb intelligent pass-thru module and san switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "BID",
"id": "81811"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
},
{
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.61:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.68:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.69:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.75:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.76:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.77:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.66:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.67:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.73:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.74:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.89:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:*:p5:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.58:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.64:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.65:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.71:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.72:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.87:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.88:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.62:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.70:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
}
],
"trust": 0.6
},
"cve": "CVE-2015-8138",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-8138",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-8138",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8138",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-668",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-8138",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-8138"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
},
{
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero. The NTP.org reference implementation of ntpd contains multiple vulnerabilities. NTP is prone to a denial-of-service vulnerability. \nSuccessful exploits may allow the attacker to cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03750en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03750en_us\nVersion: 1\n\nHPESBHF03750 rev.1 - HPE Network Products including Comware 5, Comware 7 and\nVCX running NTP, Remote Denial of Service (DoS), Unauthorized Modification,\nLocal Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-05-25\nLast Updated: 2017-05-25\n\nPotential Security Impact: Local: Denial of Service (DoS); Remote: Denial of\nService (DoS), Unauthorized Modification\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities with NTP have been addressed for HPE\nnetwork products including Comware 5, Comware 7 and VCX. \n\n - Comware v5 (CW5) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - VCX Products All versions - Please refer to the RESOLUTION below for a\nlist of updated products. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2015-7973\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)\n\n CVE-2015-7974\n 3.1 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\n 2.1 (AV:N/AC:H/Au:S/C:N/I:P/A:N)\n\n CVE-2015-7975\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 2.1 (AV:L/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2015-7979\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2015-8138\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\n 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n CVE-2015-8158\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates available to resolve the\nvulnerabilities in the Comware and VCX products running NTP. \n\n**COMWARE 5 Products**\n\n + A6600 (Comware 5) - Version: R3303P31\n * HP Network Products\n - JC165A HP 6600 RPE-X1 Router Module\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n - JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + HSR6602 (Comware 5) - Version: R3303P31\n * HP Network Products\n - JC176A HP 6602 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + HSR6800 (Comware 5) - Version: R3303P31\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR20 (Comware 5) - Version: R2516P06\n * HP Network Products\n - JD432A HP A-MSR20-21 Router\n - JD662A HP MSR20-20 Router\n - JD663A HP A-MSR20-21 Router\n - JD663B HP MSR20-21 Router\n - JD664A HP MSR20-40 Router\n - JF228A HP MSR20-40 Router\n - JF283A HP MSR20-20 Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR20-1X (Comware 5) - Version: R2516P06\n * HP Network Products\n - JD431A HP MSR20-10 Router\n - JD667A HP MSR20-15 IW Multi-Service Router\n - JD668A HP MSR20-13 Multi-Service Router\n - JD669A HP MSR20-13 W Multi-Service Router\n - JD670A HP MSR20-15 A Multi-Service Router\n - JD671A HP MSR20-15 AW Multi-Service Router\n - JD672A HP MSR20-15 I Multi-Service Router\n - JD673A HP MSR20-11 Multi-Service Router\n - JD674A HP MSR20-12 Multi-Service Router\n - JD675A HP MSR20-12 W Multi-Service Router\n - JD676A HP MSR20-12 T1 Multi-Service Router\n - JF236A HP MSR20-15-I Router\n - JF237A HP MSR20-15-A Router\n - JF238A HP MSR20-15-I-W Router\n - JF239A HP MSR20-11 Router\n - JF240A HP MSR20-13 Router\n - JF241A HP MSR20-12 Router\n - JF806A HP MSR20-12-T Router\n - JF807A HP MSR20-12-W Router\n - JF808A HP MSR20-13-W Router\n - JF809A HP MSR20-15-A-W Router\n - JF817A HP MSR20-15 Router\n - JG209A HP MSR20-12-T-W Router (NA)\n - JG210A HP MSR20-13-W Router (NA)\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR 30 (Comware 5) - Version: R2516\n * HP Network Products\n - JD654A HP MSR30-60 POE Multi-Service Router\n - JD657A HP MSR30-40 Multi-Service Router\n - JD658A HP MSR30-60 Multi-Service Router\n - JD660A HP MSR30-20 POE Multi-Service Router\n - JD661A HP MSR30-40 POE Multi-Service Router\n - JD666A HP MSR30-20 Multi-Service Router\n - JF229A HP MSR30-40 Router\n - JF230A HP MSR30-60 Router\n - JF232A HP RTMSR3040-AC-OVSAS-H3\n - JF235A HP MSR30-20 DC Router\n - JF284A HP MSR30-20 Router\n - JF287A HP MSR30-40 DC Router\n - JF801A HP MSR30-60 DC Router\n - JF802A HP MSR30-20 PoE Router\n - JF803A HP MSR30-40 PoE Router\n - JF804A HP MSR30-60 PoE Router\n - JG728A HP MSR30-20 TAA-compliant DC Router\n - JG729A HP MSR30-20 TAA-compliant Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR 30-16 (Comware 5) - Version: R2516P06\n * HP Network Products\n - JD659A HP MSR30-16 POE Multi-Service Router\n - JD665A HP MSR30-16 Multi-Service Router\n - JF233A HP MSR30-16 Router\n - JF234A HP MSR30-16 PoE Router,\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR 30-1X (Comware 5) - Version: R2516P06\n * HP Network Products\n - JF800A HP MSR30-11 Router\n - JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\n - JG182A HP MSR30-11E Router\n - JG183A HP MSR30-11F Router\n - JG184A HP MSR30-10 DC Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR 50 (Comware 5) - Version: R2516P06\n * HP Network Products\n - JD433A HP MSR50-40 Router\n - JD653A HP MSR50 Processor Module\n - JD655A HP MSR50-40 Multi-Service Router\n - JD656A HP MSR50-60 Multi-Service Router\n - JF231A HP MSR50-60 Router\n - JF285A HP MSR50-40 DC Router\n - JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR 50-G2 (Comware 5) - Version: R2516P06\n * HP Network Products\n - JD429A HP MSR50 G2 Processor Module\n - JD429B HP MSR50 G2 Processor Module\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR 9XX (Comware 5) - Version: R2516P06\n * HP Network Products\n - JF812A HP MSR900 Router\n - JF813A HP MSR920 Router\n - JF814A HP MSR900-W Router\n - JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr\n - JG207A HP MSR900-W Router (NA)\n - JG208A HP MSR920-W Router (NA)\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR 93X (Comware 5) - Version: R2516P06\n * HP Network Products\n - JG511A HP MSR930 Router\n - JG511B HP MSR930 Router\n - JG512A HP MSR930 Wireless Router\n - JG513A HP MSR930 3G Router\n - JG513B HP MSR930 3G Router\n - JG514A HP MSR931 Router\n - JG514B HP MSR931 Router\n - JG515A HP MSR931 3G Router\n - JG516A HP MSR933 Router\n - JG517A HP MSR933 3G Router\n - JG518A HP MSR935 Router\n - JG518B HP MSR935 Router\n - JG519A HP MSR935 Wireless Router\n - JG520A HP MSR935 3G Router\n - JG531A HP MSR931 Dual 3G Router\n - JG531B HP MSR931 Dual 3G Router\n - JG596A HP MSR930 4G LTE/3G CDMA Router\n - JG597A HP MSR936 Wireless Router\n - JG665A HP MSR930 4G LTE/3G WCDMA Global Router\n - JG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n - JH009A HP MSR931 Serial (TI) Router\n - JH010A HP MSR933 G.SHDSL (TI) Router\n - JH011A HP MSR935 ADSL2+ (TI) Router\n - JH012A HP MSR930 Wireless 802.11n (NA) Router\n - JH012B HP MSR930 Wireless 802.11n (NA) Router\n - JH013A HP MSR935 Wireless 802.11n (NA) Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + MSR1000 (Comware 5) - Version: R2516P06\n * HP Network Products\n - JG732A HP MSR1003-8 AC Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 12500 (Comware 5) - Version: R1829P03\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JC808A HP 12500 TAA Main Processing Unit\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 9500E (Comware 5) - Version: R1829P03\n * HP Network Products\n - JC124A HP A9508 Switch Chassis\n - JC124B HP 9505 Switch Chassis\n - JC125A HP A9512 Switch Chassis\n - JC125B HP 9512 Switch Chassis\n - JC474A HP A9508-V Switch Chassis\n - JC474B HP 9508-V Switch Chassis\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 10500 (Comware 5) - Version: R1210P03\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC614A HP 10500 Main Processing Unit\n - JC748A HP 10512 Switch Chassis\n - JG375A HP 10500 TAA-compliant Main Processing Unit\n - JG820A HP 10504 TAA-compliant Switch Chassis\n - JG821A HP 10508 TAA-compliant Switch Chassis\n - JG822A HP 10508-V TAA-compliant Switch Chassis\n - JG823A HP 10512 TAA-compliant Switch Chassis\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 7500 (Comware 5) - Version: R6710P03\n * HP Network Products\n - JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port\nGig-T/4-port GbE Combo\n - JC697A HP 7502 TAA-compliant Main Processing Unit\n - JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8\nGbE Combo Ports\n - JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP\nPorts\n - JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit\n - JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit\n - JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports\n - JD194A HP 7500 384Gbps Fabric Module\n - JD194B HP 7500 384Gbps Fabric Module\n - JD195A HP 7500 384Gbps Advanced Fabric Module\n - JD196A HP 7502 Fabric Module\n - JD220A HP 7500 768Gbps Fabric Module\n - JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports\n - JD238A HP 7510 Switch Chassis\n - JD238B HP 7510 Switch Chassis\n - JD239A HP 7506 Switch Chassis\n - JD239B HP 7506 Switch Chassis\n - JD240A HP 7503 Switch Chassis\n - JD240B HP 7503 Switch Chassis\n - JD241A HP 7506-V Switch Chassis\n - JD241B HP 7506-V Switch Chassis\n - JD242A HP 7502 Switch Chassis\n - JD242B HP 7502 Switch Chassis\n - JD243A HP 7503-S Switch Chassis with 1 Fabric Slot\n - JD243B HP 7503-S Switch Chassis with 1 Fabric Slot\n - JE164A HP E7902 Switch Chassis\n - JE165A HP E7903 Switch Chassis\n - JE166A HP E7903 1 Fabric Slot Switch Chassis\n - JE167A HP E7906 Switch Chassis\n - JE168A HP E7906 Vertical Switch Chassis\n - JE169A HP E7910 Switch Chassis\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 6125G/XG Blade Switch - Version: R2112P06\n * HP Network Products\n - 737220-B21 HP 6125G Blade Switch with TAA\n - 737226-B21 HP 6125G/XG Blade Switch with TAA\n - 658250-B21 HP 6125G/XG Blade Switch Opt Kit\n - 658247-B21 HP 6125G Blade Switch Opt Kit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 5800 (Comware 5) - Version: R1810P07\n * HP Network Products\n - JC099A HP 5800-24G-PoE Switch\n - JC099B HP 5800-24G-PoE+ Switch\n - JC100A HP 5800-24G Switch\n - JC100B HP 5800-24G Switch\n - JC101A HP 5800-48G Switch with 2 Slots\n - JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots\n - JC103A HP 5800-24G-SFP Switch\n - JC103B HP 5800-24G-SFP Switch with 1 Interface Slot\n - JC104A HP 5800-48G-PoE Switch\n - JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot\n - JC105A HP 5800-48G Switch\n - JC105B HP 5800-48G Switch with 1 Interface Slot\n - JG254A HP 5800-24G-PoE+ TAA-compliant Switch\n - JG254B HP 5800-24G-PoE+ TAA-compliant Switch\n - JG255A HP 5800-24G TAA-compliant Switch\n - JG255B HP 5800-24G TAA-compliant Switch\n - JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot\n - JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot\n - JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot\n - JG225A HP 5800AF-48G Switch\n - JG225B HP 5800AF-48G Switch\n - JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots\n - JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface\n - JG243A HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG243B HP 5820-24XG-SFP+ TAA-compliant Switch\n - JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\n\u0026 1 OAA Slot\n - JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots\nand 1 OAA Slot\n - JC106A HP 5820-14XG-SFP+ Switch with 2 Slots\n - JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots \u0026 1 OAA Slot\n - JG219A HP 5820AF-24XG Switch\n - JG219B HP 5820AF-24XG Switch\n - JC102A HP 5820-24XG-SFP+ Switch\n - JC102B HP 5820-24XG-SFP+ Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 5500 HI (Comware 5) - Version: R5501P28\n * HP Network Products\n - JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots\n - JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots\n - JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots\n - JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots\n - JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface\nSlots\n - JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 5500 EI (Comware 5) - Version: R2221P30\n * HP Network Products\n - JD373A HP 5500-24G DC EI Switch\n - JD374A HP 5500-24G-SFP EI Switch\n - JD375A HP 5500-48G EI Switch\n - JD376A HP 5500-48G-PoE EI Switch\n - JD377A HP 5500-24G EI Switch\n - JD378A HP 5500-24G-PoE EI Switch\n - JD379A HP 5500-24G-SFP DC EI Switch\n - JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots\n - JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots\n - JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface\n - JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n - JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface\nSlots\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 4800G (Comware 5) - Version: R2221P30\n * HP Network Products\n - JD007A HP 4800-24G Switch\n - JD008A HP 4800-24G-PoE Switch\n - JD009A HP 4800-24G-SFP Switch\n - JD010A HP 4800-48G Switch\n - JD011A HP 4800-48G-PoE Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 5500SI (Comware 5) - Version: R2221P30\n * HP Network Products\n - JD369A HP 5500-24G SI Switch\n - JD370A HP 5500-48G SI Switch\n - JD371A HP 5500-24G-PoE SI Switch\n - JD372A HP 5500-48G-PoE SI Switch\n - JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots\n - JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 4500G (Comware 5) - Version: R2221P30\n * HP Network Products\n - JF428A HP 4510-48G Switch\n - JF847A HP 4510-24G Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 5120 EI (Comware 5) - Version: R2221P30\n * HP Network Products\n - JE066A HP 5120-24G EI Switch\n - JE067A HP 5120-48G EI Switch\n - JE068A HP 5120-24G EI Switch with 2 Interface Slots\n - JE069A HP 5120-48G EI Switch with 2 Interface Slots\n - JE070A HP 5120-24G-PoE EI 2-slot Switch\n - JE071A HP 5120-48G-PoE EI 2-slot Switch\n - JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots\n - JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots\n - JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots\n - JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots\n - JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots\n - JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 4210G (Comware 5) - Version: R2221P30\n * HP Network Products\n - JF844A HP 4210-24G Switch\n - JF845A HP 4210-48G Switch\n - JF846A HP 4210-24G-PoE Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 5120 SI (Comware 5) - Version: R1518P03\n * HP Network Products\n - JE072A HP 5120-48G SI Switch\n - JE072B HPE 5120 48G SI Switch\n - JE073A HP 5120-16G SI Switch\n - JE073B HPE 5120 16G SI Switch\n - JE074A HP 5120-24G SI Switch\n - JE074B HPE 5120 24G SI Switch\n - JG091A HP 5120-24G-PoE+ (370W) SI Switch\n - JG091B HPE 5120 24G PoE+ (370W) SI Switch\n - JG092A HP 5120-24G-PoE+ (170W) SI Switch\n - JG309B HPE 5120 8G PoE+ (180W) SI Switch\n - JG310B HPE 5120 8G PoE+ (65W) SI Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 3610 (Comware 5) - Version: R5319P16\n * HP Network Products\n - JD335A HP 3610-48 Switch\n - JD336A HP 3610-24-4G-SFP Switch\n - JD337A HP 3610-24-2G-2G-SFP Switch\n - JD338A HP 3610-24-SFP Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 3600V2 (Comware 5) - Version: R2111P04\n * HP Network Products\n - JG299A HP 3600-24 v2 EI Switch\n - JG299B HP 3600-24 v2 EI Switch\n - JG300A HP 3600-48 v2 EI Switch\n - JG300B HP 3600-48 v2 EI Switch\n - JG301A HP 3600-24-PoE+ v2 EI Switch\n - JG301B HP 3600-24-PoE+ v2 EI Switch\n - JG301C HP 3600-24-PoE+ v2 EI Switch\n - JG302A HP 3600-48-PoE+ v2 EI Switch\n - JG302B HP 3600-48-PoE+ v2 EI Switch\n - JG302C HP 3600-48-PoE+ v2 EI Switch\n - JG303A HP 3600-24-SFP v2 EI Switch\n - JG303B HP 3600-24-SFP v2 EI Switch\n - JG304A HP 3600-24 v2 SI Switch\n - JG304B HP 3600-24 v2 SI Switch\n - JG305A HP 3600-48 v2 SI Switch\n - JG305B HP 3600-48 v2 SI Switch\n - JG306A HP 3600-24-PoE+ v2 SI Switch\n - JG306B HP 3600-24-PoE+ v2 SI Switch\n - JG306C HP 3600-24-PoE+ v2 SI Switch\n - JG307A HP 3600-48-PoE+ v2 SI Switch\n - JG307B HP 3600-48-PoE+ v2 SI Switch\n - JG307C HP 3600-48-PoE+ v2 SI Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 3100V2 (Comware 5) - Version: R5213P03\n * HP Network Products\n - JD313B HPE 3100 24 PoE v2 EI Switch\n - JD318B HPE 3100 8 v2 EI Switch\n - JD319B HPE 3100 16 v2 EI Switch\n - JD320B HPE 3100 24 v2 EI Switch\n - JG221A HPE 3100 8 v2 SI Switch\n - JG222A HPE 3100 16 v2 SI Switch\n - JG223A HPE 3100 24 v2 SI Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + HP870 (Comware 5) - Version: R2607P55\n * HP Network Products\n - JG723A HP 870 Unified Wired-WLAN Appliance\n - JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + HP850 (Comware 5) - Version: R2607P55\n * HP Network Products\n - JG722A HP 850 Unified Wired-WLAN Appliance\n - JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + HP830 (Comware 5) - Version: R3507P55\n * HP Network Products\n - JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch\n - JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch\n - JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch\n - JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + HP6000 (Comware 5) - Version: R2507P55\n * HP Network Products\n - JG639A HP 10500/7500 20G Unified Wired-WLAN Module\n - JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + WX5004-EI (Comware 5) - Version: R2507P55\n * HP Network Products\n - JD447B HP WX5002 Access Controller\n - JD448A HP WX5004 Access Controller\n - JD448B HP WX5004 Access Controller\n - JD469A HP WX5004 Access Controller\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + SecBlade FW (Comware 5) - Version: R3181P09\n * HP Network Products\n - JC635A HP 12500 VPN Firewall Module\n - JD245A HP 9500 VPN Firewall Module\n - JD249A HP 10500/7500 Advanced VPN Firewall Module\n - JD250A HP 6600 Firewall Processing Router Module\n - JD251A HP 8800 Firewall Processing Module\n - JD255A HP 5820 VPN Firewall Module\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + F1000-E (Comware 5) - Version: TBD still fixing\n * HP Network Products\n - JD272A HP F1000-E VPN Firewall Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + F1000-A-EI (Comware 5) - Version: TBD still fixing\n * HP Network Products\n - JG214A HP F1000-A-EI VPN Firewall Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + F1000-S-EI (Comware 5) - Version: TBD still fixing\n * HP Network Products\n - JG213A HP F1000-S-EI VPN Firewall Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + F1000-A-EI/F1000-S-EI - Version: R3734P10\n * HP Network Products\n - JD272A HP F1000-E VPN Firewall Appliance\n - JG214A HP F1000-A-EI VPN Firewall Appliance\n - JG213A HP F1000-S-EI VPN Firewall Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + F5000-A (Comware 5) - Version: F3210P27\n * HP Network Products\n - JD259A HP A5000-A5 VPN Firewall Chassis\n - JG215A HP F5000 Firewall Main Processing Unit\n - JG216A HP F5000 Firewall Standalone Chassis\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + U200S and CS (Comware 5) - Version: F5123P34\n * HP Network Products\n - JD273A HP U200-S UTM Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + U200A and M (Comware 5) - Version: F5123P34\n * HP Network Products\n - JD275A HP U200-A UTM Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + F5000-C/S (Comware 5) - Version: TBD still fixing\n * HP Network Products\n - JG650A HP F5000-C VPN Firewall Appliance\n - JG370A HP F5000-S VPN Firewall Appliance\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + SecBlade III (Comware 5) - Version: TBD still fixing\n * HP Network Products\n - JG371A HP 12500 20Gbps VPN Firewall Module\n - JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 6600 RSE RU (Comware 5 Low Encryption SW) - Version: R3303P31\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JC566A HP 6600 RSE-X1 Router Main Processing Unit\n - JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 6600 RPE RU (Comware 5 Low Encryption SW) - Version: R3303P31\n * HP Network Products\n - JC165A HP 6600 RPE-X1 Router Module\n - JC177A HP 6608 Router\n - JC177B HPE FlexNetwork 6608 Router Chassis\n - JC178A HPE FlexNetwork 6604 Router Chassis\n - JC178B HPE FlexNetwork 6604 Router Chassis\n - JC496A HPE FlexNetwork 6616 Router Chassis\n - JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + 6602 RU (Comware 5 Low Encryption SW) - Version: R3303P31\n * HP Network Products\n - JC176A HP 6602 Router Chassis\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + HSR6602 RU (Comware 5 Low Encryption SW) - Version: R3303P31\n * HP Network Products\n - JC177A HP 6608 Router\n - JC177B HP 6608 Router Chassis\n - JC178A HP 6604 Router Chassis\n - JC178B HP 6604 Router Chassis\n - JC496A HP 6616 Router Chassis\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG355A HP 6600 MCP-X1 Router Main Processing Unit\n - JG356A HP 6600 MCP-X2 Router Main Processing Unit\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n - JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + HSR6800 RU (Comware 5 Low Encryption SW) - Version: R3303P31\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + SMB1910 (Comware 5) - Version: R1115\n * HP Network Products\n - JG540A HP 1910-48 Switch\n - JG539A HP 1910-24-PoE+ Switch\n - JG538A HP 1910-24 Switch\n - JG537A HP 1910-8 -PoE+ Switch\n - JG536A HP 1910-8 Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + SMB1920 (Comware 5) - Version: R1114\n * HP Network Products\n - JG928A HP 1920-48G-PoE+ (370W) Switch\n - JG927A HP 1920-48G Switch\n - JG926A HP 1920-24G-PoE+ (370W) Switch\n - JG925A HP 1920-24G-PoE+ (180W) Switch\n - JG924A HP 1920-24G Switch\n - JG923A HP 1920-16G Switch\n - JG922A HP 1920-8G-PoE+ (180W) Switch\n - JG921A HP 1920-8G-PoE+ (65W) Switch\n - JG920A HP 1920-8G Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + V1910 (Comware 5) - Version: R1518P03\n * HP Network Products\n - JE005A HP 1910-16G Switch\n - JE006A HP 1910-24G Switch\n - JE007A HP 1910-24G-PoE (365W) Switch\n - JE008A HP 1910-24G-PoE(170W) Switch\n - JE009A HP 1910-48G Switch\n - JG348A HP 1910-8G Switch\n - JG349A HP 1910-8G-PoE+ (65W) Switch\n - JG350A HP 1910-8G-PoE+ (180W) Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + SMB 1620 (Comware 5) - Version: R1112\n * HP Network Products\n - JG914A HP 1620-48G Switch\n - JG913A HP 1620-24G Switch\n - JG912A HP 1620-8G Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n + NJ5000 - Version: R1108\n * HP Network Products\n - JH237A HPE FlexNetwork NJ5000 5G PoE+ Walljack\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n\n\n**COMWARE 7 Products**\n\n + 12500 (Comware 7) - Version: R7377P02\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 10500 (Comware 7) - Version: R7184\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 5900 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + MSR1000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + MSR2000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + MSR3000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + MSR4000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + VSR (Comware 7) - Version: E0324\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 7900 (Comware 7) - Version: R2152\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 5130 (Comware 7) - Version: R3115P01\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 6125XLG - Version: R2422P02\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 6127XLG - Version: R2422P02\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + Moonshot - Version: R2422P02\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 5700 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 5930 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + HSR6600 (Comware 7) - Version: R7103P09\n * HP Network Products\n - JG353A HP HSR6602-G Router\n - JG354A HP HSR6602-XG Router\n - JG776A HP HSR6602-G TAA-compliant Router\n - JG777A HP HSR6602-XG TAA-compliant Router\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + HSR6800 (Comware 7) - Version: R7103P10\n * HP Network Products\n - JG361A HP HSR6802 Router Chassis\n - JG361B HP HSR6802 Router Chassis\n - JG362A HP HSR6804 Router Chassis\n - JG362B HP HSR6804 Router Chassis\n - JG363A HP HSR6808 Router Chassis\n - JG363B HP HSR6808 Router Chassis\n - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing\n - JH075A HP HSR6800 RSE-X3 Router Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 1950 (Comware 7) - Version: R3115P01\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 7500 (Comware 7) - Version: R7184\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 5510HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 5130HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 5940 - Version: R2508\n * HP Network Products\n - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch\n - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch\n - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch\n - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch\n - JH396A HPE FlexFabric 5940 32QSFP+ Switch\n - JH397A HPE FlexFabric 5940 2-slot Switch\n - JH398A HPE FlexFabric 5940 4-slot Switch\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n + 12900E (Comware 7) - Version: R2609\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2015-7973\n - CVE-2015-7974\n - CVE-2015-7979\n - CVE-2015-8138\n\n\n**VCX Products**\n\n + VCX - Version: 9.8.19\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2015-7975\n - CVE-2015-8158\n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 25 May 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201607-15\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: NTP: Multiple vulnerabilities\n Date: July 20, 2016\n Bugs: #563774, #572452, #581528, #584954\n ID: 201607-15\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in NTP, the worst of which\ncould lead to Denial of Service. Please review the\nCVE identifiers referenced below for details. \n\nResolution\n==========\n\nAll NTP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/ntp-4.2.8_p8\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-7691\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7691\n[ 2 ] CVE-2015-7692\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7692\n[ 3 ] CVE-2015-7701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7701\n[ 4 ] CVE-2015-7702\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7702\n[ 5 ] CVE-2015-7703\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7703\n[ 6 ] CVE-2015-7704\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7704\n[ 7 ] CVE-2015-7705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7705\n[ 8 ] CVE-2015-7848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848\n[ 9 ] CVE-2015-7849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7849\n[ 10 ] CVE-2015-7850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7850\n[ 11 ] CVE-2015-7851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7851\n[ 12 ] CVE-2015-7852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7852\n[ 13 ] CVE-2015-7853\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7853\n[ 14 ] CVE-2015-7854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7854\n[ 15 ] CVE-2015-7855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7855\n[ 16 ] CVE-2015-7871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871\n[ 17 ] CVE-2015-7973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7973\n[ 18 ] CVE-2015-7974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7974\n[ 19 ] CVE-2015-7975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7975\n[ 20 ] CVE-2015-7976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7976\n[ 21 ] CVE-2015-7977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7977\n[ 22 ] CVE-2015-7978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7978\n[ 23 ] CVE-2015-7979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7979\n[ 24 ] CVE-2015-8138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8138\n[ 25 ] CVE-2015-8139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8139\n[ 26 ] CVE-2015-8140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8140\n[ 27 ] CVE-2015-8158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8158\n[ 28 ] CVE-2016-1547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547\n[ 29 ] CVE-2016-1548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548\n[ 30 ] CVE-2016-1549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549\n[ 31 ] CVE-2016-1550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550\n[ 32 ] CVE-2016-1551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1551\n[ 33 ] CVE-2016-2516\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2516\n[ 34 ] CVE-2016-2517\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2517\n[ 35 ] CVE-2016-2518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2518\n[ 36 ] CVE-2016-2519\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2519\n[ 37 ] CVE-2016-4953\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4953\n[ 38 ] CVE-2016-4954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4954\n[ 39 ] CVE-2016-4955\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4955\n[ 40 ] CVE-2016-4956\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4956\n[ 41 ] CVE-2016-4957\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4957\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201607-15\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: ntp security update\nAdvisory ID: RHSA-2016:0063-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0063.html\nIssue date: 2016-01-25\nCVE Names: CVE-2015-8138 \n=====================================================================\n\n1. Summary:\n\nUpdated ntp packages that fix one security issue are now available for Red\nHat Enterprise Linux 6 and 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64\n\n3. Description:\n\nThe Network Time Protocol (NTP) is used to synchronize a computer\u0027s time\nwith a referenced time source. \n\nIt was discovered that ntpd as a client did not correctly check the\noriginate timestamp in received packets. A remote attacker could use this\nflaw to send a crafted packet to an ntpd client that would effectively\ndisable synchronization with the server, or push arbitrary offset/delay\nmeasurements to modify the time on the client. (CVE-2015-8138)\n\nAll ntp users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdate, the ntpd daemon will restart automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1299442 - CVE-2015-8138 ntp: missing check for zero originate timestamp\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nntp-4.2.6p5-5.el6_7.4.src.rpm\n\ni386:\nntp-4.2.6p5-5.el6_7.4.i686.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm\nntpdate-4.2.6p5-5.el6_7.4.i686.rpm\n\nx86_64:\nntp-4.2.6p5-5.el6_7.4.x86_64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm\nntpdate-4.2.6p5-5.el6_7.4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm\nntp-perl-4.2.6p5-5.el6_7.4.i686.rpm\n\nnoarch:\nntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm\nntp-perl-4.2.6p5-5.el6_7.4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nntp-4.2.6p5-5.el6_7.4.src.rpm\n\nx86_64:\nntp-4.2.6p5-5.el6_7.4.x86_64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm\nntpdate-4.2.6p5-5.el6_7.4.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nnoarch:\nntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm\nntp-perl-4.2.6p5-5.el6_7.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nntp-4.2.6p5-5.el6_7.4.src.rpm\n\ni386:\nntp-4.2.6p5-5.el6_7.4.i686.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm\nntpdate-4.2.6p5-5.el6_7.4.i686.rpm\n\nppc64:\nntp-4.2.6p5-5.el6_7.4.ppc64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.ppc64.rpm\nntpdate-4.2.6p5-5.el6_7.4.ppc64.rpm\n\ns390x:\nntp-4.2.6p5-5.el6_7.4.s390x.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.s390x.rpm\nntpdate-4.2.6p5-5.el6_7.4.s390x.rpm\n\nx86_64:\nntp-4.2.6p5-5.el6_7.4.x86_64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm\nntpdate-4.2.6p5-5.el6_7.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm\nntp-perl-4.2.6p5-5.el6_7.4.i686.rpm\n\nnoarch:\nntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm\n\nppc64:\nntp-debuginfo-4.2.6p5-5.el6_7.4.ppc64.rpm\nntp-perl-4.2.6p5-5.el6_7.4.ppc64.rpm\n\ns390x:\nntp-debuginfo-4.2.6p5-5.el6_7.4.s390x.rpm\nntp-perl-4.2.6p5-5.el6_7.4.s390x.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm\nntp-perl-4.2.6p5-5.el6_7.4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nntp-4.2.6p5-5.el6_7.4.src.rpm\n\ni386:\nntp-4.2.6p5-5.el6_7.4.i686.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm\nntpdate-4.2.6p5-5.el6_7.4.i686.rpm\n\nx86_64:\nntp-4.2.6p5-5.el6_7.4.x86_64.rpm\nntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm\nntpdate-4.2.6p5-5.el6_7.4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nntp-debuginfo-4.2.6p5-5.el6_7.4.i686.rpm\nntp-perl-4.2.6p5-5.el6_7.4.i686.rpm\n\nnoarch:\nntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-5.el6_7.4.x86_64.rpm\nntp-perl-4.2.6p5-5.el6_7.4.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nntp-4.2.6p5-22.el7_2.1.src.rpm\n\nx86_64:\nntp-4.2.6p5-22.el7_2.1.x86_64.rpm\nntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm\nntpdate-4.2.6p5-22.el7_2.1.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-22.el7_2.1.noarch.rpm\nntp-perl-4.2.6p5-22.el7_2.1.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm\nsntp-4.2.6p5-22.el7_2.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nntp-4.2.6p5-22.el7_2.1.src.rpm\n\nx86_64:\nntp-4.2.6p5-22.el7_2.1.x86_64.rpm\nntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm\nntpdate-4.2.6p5-22.el7_2.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-22.el7_2.1.noarch.rpm\nntp-perl-4.2.6p5-22.el7_2.1.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm\nsntp-4.2.6p5-22.el7_2.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nntp-4.2.6p5-22.el7_2.1.src.rpm\n\nppc64:\nntp-4.2.6p5-22.el7_2.1.ppc64.rpm\nntp-debuginfo-4.2.6p5-22.el7_2.1.ppc64.rpm\nntpdate-4.2.6p5-22.el7_2.1.ppc64.rpm\n\nppc64le:\nntp-4.2.6p5-22.el7_2.1.ppc64le.rpm\nntp-debuginfo-4.2.6p5-22.el7_2.1.ppc64le.rpm\nntpdate-4.2.6p5-22.el7_2.1.ppc64le.rpm\n\ns390x:\nntp-4.2.6p5-22.el7_2.1.s390x.rpm\nntp-debuginfo-4.2.6p5-22.el7_2.1.s390x.rpm\nntpdate-4.2.6p5-22.el7_2.1.s390x.rpm\n\nx86_64:\nntp-4.2.6p5-22.el7_2.1.x86_64.rpm\nntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm\nntpdate-4.2.6p5-22.el7_2.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-22.el7_2.1.noarch.rpm\nntp-perl-4.2.6p5-22.el7_2.1.noarch.rpm\n\nppc64:\nntp-debuginfo-4.2.6p5-22.el7_2.1.ppc64.rpm\nsntp-4.2.6p5-22.el7_2.1.ppc64.rpm\n\nppc64le:\nntp-debuginfo-4.2.6p5-22.el7_2.1.ppc64le.rpm\nsntp-4.2.6p5-22.el7_2.1.ppc64le.rpm\n\ns390x:\nntp-debuginfo-4.2.6p5-22.el7_2.1.s390x.rpm\nsntp-4.2.6p5-22.el7_2.1.s390x.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm\nsntp-4.2.6p5-22.el7_2.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nntp-4.2.6p5-22.el7_2.1.src.rpm\n\nx86_64:\nntp-4.2.6p5-22.el7_2.1.x86_64.rpm\nntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm\nntpdate-4.2.6p5-22.el7_2.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nnoarch:\nntp-doc-4.2.6p5-22.el7_2.1.noarch.rpm\nntp-perl-4.2.6p5-22.el7_2.1.noarch.rpm\n\nx86_64:\nntp-debuginfo-4.2.6p5-22.el7_2.1.x86_64.rpm\nsntp-4.2.6p5-22.el7_2.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-8138\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWpijmXlSAg2UNWIIRAlKDAJ9cuPIz/2ne6I5rsDoKlg2rFxFKlQCbBhEi\nh+3u/C5uuGO6PsIJukpD32I=\n=Osu4\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/ntp-4.2.8p7-i486-1_slack14.1.txz: Upgraded. \n This release patches several low and medium severity security issues:\n CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering\n CVE-2016-1549: Sybil vulnerability: ephemeral association attack,\n AKA: ntp-sybil - MITIGATION ONLY\n CVE-2016-2516: Duplicate IPs on unconfig directives will cause an assertion\n botch\n CVE-2016-2517: Remote configuration trustedkey/requestkey values are not\n properly validated\n CVE-2016-2518: Crafted addpeer with hmode \u003e 7 causes array wraparound with\n MATCH_ASSOC\n CVE-2016-2519: ctl_getitem() return value not always checked\n CVE-2016-1547: Validate crypto-NAKs, AKA: nak-dos\n CVE-2016-1548: Interleave-pivot - MITIGATION ONLY\n CVE-2015-7704: KoD fix: peer associations were broken by the fix for\n NtpBug2901, AKA: Symmetric active/passive mode is broken\n CVE-2015-8138: Zero Origin Timestamp Bypass, AKA: Additional KoD Checks\n CVE-2016-1550: Improve NTP security against buffer comparison timing attacks,\n authdecrypt-timing, AKA: authdecrypt-timing\n For more information, see:\n http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1547\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1548\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1551\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2516\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2517\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2519\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p7-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p7-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p7-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p7-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p7-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p7-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p7-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p7-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p7-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\n785dc2ef5f80edb28dc781e261c3fe3f ntp-4.2.8p7-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n899421096b7b63e6cb269f8b01dfd875 ntp-4.2.8p7-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\ndfd34cbd31be3572a2bcae7f59cdfd91 ntp-4.2.8p7-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n63c4b31736040e7950361cd0d7081c8b ntp-4.2.8p7-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\ne760ae0c6cc3fa933e4d65d6995b0c84 ntp-4.2.8p7-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\naa448523b27bb4fcccc2f46cf4d72bc5 ntp-4.2.8p7-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n3bc7e54a4164a4f91be996b5cf2e643e ntp-4.2.8p7-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n0f6ea4dae476709f26f5d0e33378576c ntp-4.2.8p7-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\ndbe827ee7ece6ce5ca083cdd5960162c ntp-4.2.8p7-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n89f3edf183a6a9847d69b8349f98c901 ntp-4.2.8p7-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n4018b86edd15e40e8c5e9f50d907dcff n/ntp-4.2.8p7-i586-1.txz\n\nSlackware x86_64 -current package:\n7dd6b64ba8c9fdaebb7becc1f5c3963d n/ntp-4.2.8p7-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg ntp-4.2.8p7-i486-1_slack14.1.txz\n\nThen, restart the NTP daemon:\n\n# sh /etc/rc.d/rc.ntpd restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nReferences:\n\n - CVE-2015-7973 - ntp\n - CVE-2015-7974 - ntp\n - CVE-2015-7975 - ntp\n - CVE-2015-7979 - ntp\n - CVE-2015-8138 - ntp\n - CVE-2015-8158 - ntp\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nCVE-2015-8138\n\n Matthew van Gundy and Jonathan Gardner discovered that missing\n validation of origin timestamps in ntpd clients may result in denial\n of service. \n\nCVE-2015-8158\n\n Jonathan Gardner discovered that missing input sanitising in ntpq\n may result in denial of service. \n\nCVE-2016-1547\n\n Stephen Gray and Matthew van Gundy discovered that incorrect handling\n of crypto NAK packets my result in denial of service. \n\nCVE-2016-1548\n\n Jonathan Gardner and Miroslav Lichvar discovered that ntpd clients\n could be forced to change from basic client/server mode to interleaved\n symmetric mode, preventing time synchronisation. \n\nCVE-2016-1550\n\n Matthew van Gundy, Stephen Gray and Loganaden Velvindron discovered\n that timing leaks in the the packet authentication code could result\n in recovery of a message digest. \n\nCVE-2016-2516\n\n Yihan Lian discovered that duplicate IPs on \"unconfig\" directives will\n trigger an assert. \n\nCVE-2016-2518\n\n Yihan Lian discovered that an OOB memory access could potentially\n crash ntpd. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1:4.2.6.p5+dfsg-7+deb8u2. \n\nFor the testing distribution (stretch), these problems have been fixed\nin version 1:4.2.8p7+dfsg-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:4.2.8p7+dfsg-1. \n\nWe recommend that you upgrade your ntp packages. \nCorrected: 2016-01-22 15:55:21 UTC (stable/10, 10.2-STABLE)\n 2016-01-27 07:41:31 UTC (releng/10.2, 10.2-RELEASE-p11)\n 2016-01-27 07:41:31 UTC (releng/10.1, 10.1-RELEASE-p28)\n 2016-01-22 15:56:35 UTC (stable/9, 9.3-STABLE)\n 2016-01-27 07:42:11 UTC (releng/9.3, 9.3-RELEASE-p35)\nCVE Name: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976,\n CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138,\n CVE-2015-8139, CVE-2015-8140, CVE-2015-8158\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nII. Problem Description\n\nMultiple vulnerabilities have been discovered in ntp 4.2.8p5:\n\nPotential Infinite Loop in ntpq. [CVE-2015-8138]\n\nOff-path Denial of Service (DoS) attack on authenticated broadcast mode. \n[CVE-2015-7979]\n\nStack exhaustion in recursive traversal of restriction list. [CVE-2015-7978]\n\nreslist NULL pointer dereference. [CVE-2015-7977]\n\nntpq saveconfig command allows dangerous characters in filenames. \n[CVE-2015-7976]\n\nnextvar() missing length check. [CVE-2015-7975]\n\nSkeleton Key: Missing key check allows impersonation between authenticated\npeers. [CVE-2015-7974]\n\nDeja Vu: Replay attack on authenticated broadcast mode. [CVE-2015-7973]\n\nntpq vulnerable to replay attacks. [CVE-2015-8140]\n\nOrigin Leak: ntpq and ntpdc, disclose origin. [CVE-2015-8139]\n\nIII. Impact\n\nA malicious NTP server, or an attacker who can conduct MITM attack by\nintercepting NTP query traffic, may be able to cause a ntpq client to\ninfinitely loop. [CVE-2015-8158]\n\nA malicious NTP server, or an attacker who can conduct MITM attack by\nintercepting NTP query traffic, may be able to prevent a ntpd(8) daemon\nto distinguish between legitimate peer responses from forgeries. This\ncan partially be mitigated by configuring multiple time sources. \n[CVE-2015-8138]\n\nAn off-path attacker who can send broadcast packets with bad\nauthentication (wrong key, mismatched key, incorrect MAC, etc) to\nbroadcast clients can cause these clients to tear down associations. \n[CVE-2015-7979]\n\nAn attacker who can send unauthenticated \u0027reslist\u0027 command to a NTP\nserver may cause it to crash, resulting in a denial of service\ncondition due to stack exhaustion [CVE-2015-7978] or a NULL pointer\ndereference [CVE-2015-7977]. \n\nAn attacker who can send \u0027modify\u0027 requests to a NTP server may be\nable to create file that contain dangerous characters in their name,\nwhich could cause dangerous behavior in a later shell invocation. \n[CVE-2015-7976] \n\nA remote attacker may be able to crash a ntpq client. [CVE-2015-7975]\n\nA malicious server which holds a trusted key may be able to\nimpersonate other trusted servers in an authenticated configuration. \n[CVE-2015-7974]\n\nA man-in-the-middle attacker or a malicious participant that has the\nsame trusted keys as the victim can replay time packets if the NTP\nnetwork is configured for broadcast operations. [CVE-2015-7973]\n\nThe ntpq protocol is vulnerable to replay attacks which may be used\nto e.g. re-establish an association to malicious server. [CVE-2015-8140]\n\nAn attacker who can intercept NTP traffic can easily forge live server\nresponses. [CVE-2015-8139]\n\nIV. Workaround\n\nNo workaround is available, but systems not running ntpd(8) are not\naffected. Network administrators are advised to implement BCP-38,\nwhich helps to reduce risk associated with the attacks. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. A reboot is\nrecommended but not required. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nThe ntpd service has to be restarted after the update. A reboot is\nrecommended but not required. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch https://security.FreeBSD.org/patches/SA-16:09/ntp.patch\n# fetch https://security.FreeBSD.org/patches/SA-16:09/ntp.patch.asc\n# gpg --verify ntp.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/9/ r294570\nreleng/9.3/ r294905\nstable/10/ r294569\nreleng/10.1/ r294904\nreleng/10.2/ r294904\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8138"
},
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"db": "BID",
"id": "81811"
},
{
"db": "VULMON",
"id": "CVE-2015-8138"
},
{
"db": "PACKETSTORM",
"id": "142689"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "135358"
},
{
"db": "PACKETSTORM",
"id": "136864"
},
{
"db": "PACKETSTORM",
"id": "143414"
},
{
"db": "PACKETSTORM",
"id": "138052"
},
{
"db": "PACKETSTORM",
"id": "135401"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#718152",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2015-8138",
"trust": 3.5
},
{
"db": "BID",
"id": "81811",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-497656",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-211752",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-21-103-11",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1034782",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU95781418",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96269392",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU91176422",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007359",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-159-11",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021061008",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201601-668",
"trust": 0.6
},
{
"db": "JUNIPER",
"id": "JSA10776",
"trust": 0.3
},
{
"db": "TALOS",
"id": "TALOS-2016-0077",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2015-8138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142689",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137992",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135358",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136864",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143414",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138052",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135401",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "VULMON",
"id": "CVE-2015-8138"
},
{
"db": "BID",
"id": "81811"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"db": "PACKETSTORM",
"id": "142689"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "135358"
},
{
"db": "PACKETSTORM",
"id": "136864"
},
{
"db": "PACKETSTORM",
"id": "143414"
},
{
"db": "PACKETSTORM",
"id": "138052"
},
{
"db": "PACKETSTORM",
"id": "135401"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
},
{
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"id": "VAR-201701-1135",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.33987721
},
"last_update_date": "2024-07-23T19:54:24.472000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RHSA-2016",
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/main/ntpbug2945"
},
{
"title": "NTP Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=147385"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/10/28/researchers_tag_new_brace_of_bugs_in_ntp_but_theyre_fixable/"
},
{
"title": "Red Hat: CVE-2015-8138",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-8138"
},
{
"title": "Brocade Security Advisories: BSA-2017-257",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=f9a3761f4e4c3763091ffa2496cb5def"
},
{
"title": "Amazon Linux AMI: ALAS-2016-649",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-649"
},
{
"title": "Ubuntu Security Notice: ntp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3096-1"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=e70fe4cd19746222a97e5da53d3d2b2a"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=85311fa037162a48cd67fd63f52a6478"
},
{
"title": "Symantec Security Advisories: SA113 : January 2016 NTP Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1a84824eac476a84dbbcf797d2d35a1f"
},
{
"title": "Cisco: Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160127-ntpd"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
},
{
"title": "satellite-host-cve",
"trust": 0.1,
"url": "https://github.com/redhatsatellite/satellite-host-cve "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-8138"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Incorrect input confirmation (CWE-20) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"trust": 2.5,
"url": "http://support.ntp.org/bin/view/main/securitynotice#april_2016_ntp_4_2_8p7_security"
},
{
"trust": 2.3,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160428-ntpd"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/81811"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0063.html"
},
{
"trust": 1.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161123-ntpd"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa113"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-3096-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1034782"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2016/dsa-3629"
},
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160127-ntpd"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-january/176434.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-february/177507.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03750en_us"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03766en_us"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20171031-0001/"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:09.ntp.asc"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"trust": 1.6,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19"
},
{
"trust": 1.1,
"url": "http://support.ntp.org/bin/view/main/securitynotice#january_2016_ntp_4_2_8p6_securit"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91176422/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96269392/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu95781418/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8138"
},
{
"trust": 0.6,
"url": "http://support.ntp.org/bin/view/main/ntpbug2945"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8138"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021061008"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7974"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7979"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7973"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7975"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8158"
},
{
"trust": 0.3,
"url": "http://www.talosintel.com/reports/talos-2016-0077/"
},
{
"trust": 0.3,
"url": "http://www.ntp.org"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 0.3,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:09.ntp.asc"
},
{
"trust": 0.3,
"url": "isg3t1023874"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024073"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10776\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099470"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023874"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099425"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005821"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980676"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983501"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021264"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1547"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7704"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1548"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2516"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1550"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2518"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2016/10/28/researchers_tag_new_brace_of_bugs_in_ntp_but_theyre_fixable/"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3096-1/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03750en_us"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7705"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7702"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7855"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7852"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2516"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4956"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7853"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7691"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4957"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7855"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4955"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7703"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7705"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2517"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7691"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7853"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2519"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7851"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7692"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7848"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1550"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7850"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7850"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7692"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7974"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4953"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7976"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-8138"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2516"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7704"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1551"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2519"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2517"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2519"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1547"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2518"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1549"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1551"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1550"
},
{
"trust": 0.1,
"url": "http://support.ntp.org/bin/view/main/securitynotice#recent_vulnerabilities"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2517"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1548"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1549"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03766en_us"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-a00006123en_"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:09.ntp.asc\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-7975\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:09/ntp.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:09/ntp.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-7977\u003e"
},
{
"trust": 0.1,
"url": "http://support.ntp.org/bin/view/main/securitynotice#january_2016_ntp_4_2_8p6_securit\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-8138\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-7976\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-7974\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-8158\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-7978\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-8140\u003e"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-7973\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-8139\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?cve-2015-7979\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "VULMON",
"id": "CVE-2015-8138"
},
{
"db": "BID",
"id": "81811"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"db": "PACKETSTORM",
"id": "142689"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "135358"
},
{
"db": "PACKETSTORM",
"id": "136864"
},
{
"db": "PACKETSTORM",
"id": "143414"
},
{
"db": "PACKETSTORM",
"id": "138052"
},
{
"db": "PACKETSTORM",
"id": "135401"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
},
{
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#718152"
},
{
"db": "VULMON",
"id": "CVE-2015-8138"
},
{
"db": "BID",
"id": "81811"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"db": "PACKETSTORM",
"id": "142689"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "135358"
},
{
"db": "PACKETSTORM",
"id": "136864"
},
{
"db": "PACKETSTORM",
"id": "143414"
},
{
"db": "PACKETSTORM",
"id": "138052"
},
{
"db": "PACKETSTORM",
"id": "135401"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
},
{
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-27T00:00:00",
"db": "CERT/CC",
"id": "VU#718152"
},
{
"date": "2017-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8138"
},
{
"date": "2016-01-20T00:00:00",
"db": "BID",
"id": "81811"
},
{
"date": "2017-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"date": "2017-05-26T13:25:15",
"db": "PACKETSTORM",
"id": "142689"
},
{
"date": "2016-07-21T15:56:23",
"db": "PACKETSTORM",
"id": "137992"
},
{
"date": "2016-01-25T16:56:39",
"db": "PACKETSTORM",
"id": "135358"
},
{
"date": "2016-05-02T21:38:58",
"db": "PACKETSTORM",
"id": "136864"
},
{
"date": "2017-07-20T22:22:00",
"db": "PACKETSTORM",
"id": "143414"
},
{
"date": "2016-07-26T19:19:00",
"db": "PACKETSTORM",
"id": "138052"
},
{
"date": "2016-01-27T17:24:36",
"db": "PACKETSTORM",
"id": "135401"
},
{
"date": "2016-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-668"
},
{
"date": "2017-01-30T21:59:00.723000",
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-28T00:00:00",
"db": "CERT/CC",
"id": "VU#718152"
},
{
"date": "2021-06-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-8138"
},
{
"date": "2017-05-02T01:08:00",
"db": "BID",
"id": "81811"
},
{
"date": "2021-06-10T08:55:00",
"db": "JVNDB",
"id": "JVNDB-2015-007359"
},
{
"date": "2021-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-668"
},
{
"date": "2021-11-17T22:15:45.170000",
"db": "NVD",
"id": "CVE-2015-8138"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "135358"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NTP.org ntpd contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#718152"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-668"
}
],
"trust": 0.6
}
}
VAR-201611-0386
Vulnerability from variot - Updated: 2024-07-23 19:42Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW.". Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel-rt security update Advisory ID: RHSA-2016:2110-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2110.html Issue date: 2016-10-26 CVE Names: CVE-2016-5195 CVE-2016-7039 =====================================================================
- Summary:
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64 Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64
- Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195, Important)
- Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet Bridging(TEB) GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path; As an unlimited recursion could unfold in both VLAN and TEB modules, leading to a stack corruption in the kernel. (CVE-2016-7039, Important)
Red Hat would like to thank Phil Oester for reporting CVE-2016-5195.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1375944 - CVE-2016-7039 kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash 1384344 - CVE-2016-5195 kernel: mm: privilege escalation via MAP_PRIVATE COW breakage
- Package List:
Red Hat Enterprise Linux for Real Time for NFV (v. 7):
Source: kernel-rt-3.10.0-327.36.3.rt56.238.el7.src.rpm
noarch: kernel-rt-doc-3.10.0-327.36.3.rt56.238.el7.noarch.rpm
x86_64: kernel-rt-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debug-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debug-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debug-kvm-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debug-kvm-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-kvm-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-kvm-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-trace-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-trace-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-trace-kvm-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-trace-kvm-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm
Red Hat Enterprise Linux Realtime (v. 7):
Source: kernel-rt-3.10.0-327.36.3.rt56.238.el7.src.rpm
noarch: kernel-rt-doc-3.10.0-327.36.3.rt56.238.el7.noarch.rpm
x86_64: kernel-rt-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debug-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debug-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-trace-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm kernel-rt-trace-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-5195 https://access.redhat.com/security/cve/CVE-2016-7039 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/2706661
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFYEKKsXlSAg2UNWIIRAmI+AJkB5tkOU2r9pjWJ4cYCSD9mtyJFBwCgt+er yvfTfHwrbVXZfa/y1n2XeMs= =LaOt -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03722en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbgn03722en_us Version: 1
HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-03-30 Last Updated: 2017-03-30
Potential Security Impact: Local: Escalation of Privilege
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY A security vulnerability in Linux kernel, also known as "Dirty COW", has been addressed in HPE Operations Agent. This vulnerability could be exploited locally to allow escalation of privilege.
References:
- CVE-2016-5195 - Linux kernel vulnerability, Dirty "COW"
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HPE Operations agent software - v11.11, v11.12, v11.13, v11.14
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-5195
7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following mitigation steps available to resolve the
vulnerability in the impacted versions of HPE Operations Agent. Login to the Operations Agent system with root privileges
2. Update the system using 'yum update kernel' command
3. Reboot the server using '/sbin/shutdown -r now' command
Please contact HPE Technical Support if any assistance is needed regarding the mitigation steps.
HISTORY Version:1 (rev.1) - 30 March 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. ========================================================================== Ubuntu Security Notice USN-3104-1 October 20, 2016
linux vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
The system could be made to run programs as an administrator.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: linux-image-3.2.0-113-generic 3.2.0-113.155 linux-image-3.2.0-113-generic-pae 3.2.0-113.155 linux-image-3.2.0-113-highbank 3.2.0-113.155 linux-image-3.2.0-113-omap 3.2.0-113.155 linux-image-3.2.0-113-powerpc-smp 3.2.0-113.155 linux-image-3.2.0-113-powerpc64-smp 3.2.0-113.155 linux-image-3.2.0-113-virtual 3.2.0-113.155
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0386",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.5"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.13"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.2"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.11"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.8"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.1.35"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.7.9"
},
{
"model": "enterprise linux aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "enterprise linux aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.10"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.4.113"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.7"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.3"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.2.83"
},
{
"model": "enterprise linux aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "2.6.22"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.18.44"
},
{
"model": "enterprise linux long life",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.4.26"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.17"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.16.38"
},
{
"model": "enterprise linux long life",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.9"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.12.66"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "enterprise linux tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.19"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.8.3"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.10.104"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.62"
},
{
"model": "msr95x",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.110.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.114"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.11"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.117"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.22"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.112"
},
{
"model": "cloudengine v200r001sph002",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "8800"
},
{
"model": "(comware r2122",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79007)"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.46"
},
{
"model": "identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.52"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.89"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.80"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.155"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.39"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.4"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.16"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.36"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59507)0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.25"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.80"
},
{
"model": "5130ei (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7)0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.12"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.10"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "enterprise linux client optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.4"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.2"
},
{
"model": "cloudengine v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "linux cloudlinuxos",
"scope": "eq",
"trust": 0.3,
"vendor": "cloud",
"version": "7"
},
{
"model": "12900e",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "kernel 3.19-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.27"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.170"
},
{
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.2"
},
{
"model": "6127xlg",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.65"
},
{
"model": "vds recorder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vrealize operations",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.4"
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos space 15.1f2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.32"
},
{
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.8"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"model": "kernel 4.4-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "containers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "virtuozzo",
"version": "4.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.42"
},
{
"model": "ar3200 v200r006c15",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.31"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1164.1"
},
{
"model": "helion cloudsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.121"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.88"
},
{
"model": "kernel 4.1-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.48"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.3"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "8800"
},
{
"model": "vrealize operations",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.3.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59307)0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.120"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.63-2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.9"
},
{
"model": "linux enterprise server sp2 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.22"
},
{
"model": "msr3000 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7)0"
},
{
"model": "msr2000 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7)0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.10"
},
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.34"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.49"
},
{
"model": "enterprise linux client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.11"
},
{
"model": "junos space 15.1r2.11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.342"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.53"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.6"
},
{
"model": "scos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.48"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.57"
},
{
"model": "kernel 4.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.48"
},
{
"model": "linux",
"scope": "ne",
"trust": 0.3,
"vendor": "coreos",
"version": "1192.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.37"
},
{
"model": "kernel 3.14-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1164.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.16"
},
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.49"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.11"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.13"
},
{
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.66"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.49"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vds-tv streamer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.31"
},
{
"model": "5510hi",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "6125xlg",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.7"
},
{
"model": "pixel xl",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.124"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.169"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.34"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.47"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.14"
},
{
"model": "linux cloudlinuxos",
"scope": "eq",
"trust": 0.3,
"vendor": "cloud",
"version": "6.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.54"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.2"
},
{
"model": "ar3200 v200r008c20spc700",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux enterprise server 11-extra",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.11"
},
{
"model": "kernel 3.19-rc",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "linux enterprise module for public cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.87"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.6"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.46"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.90"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.99"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.168"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.53"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.33"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.9"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75007)0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "propel",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.41"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"model": "prime network change and configuration management",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.71"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.128.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.67"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.40"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.26"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.65"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.70"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.12"
},
{
"model": "junos space 15.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "105007)0"
},
{
"model": "kernel 4.4-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14-4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.26"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.23"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.110"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.5"
},
{
"model": "kernel 3.9-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.108"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.8"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.19"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129007)0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.1"
},
{
"model": "kernel 3.13-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.29"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.62"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.116"
},
{
"model": "msr1000 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7)0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.17"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1192.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.67"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.62"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.115"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.2"
},
{
"model": "videoscape distribution suite service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.2.8"
},
{
"model": "helion cloudsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.14"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.56"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.33"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.76"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.39"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "kernel 3.9-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.2"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "79007)0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.78"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.28"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.155"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.38"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.2"
},
{
"model": "vrealize operations 6.2.0a",
"scope": null,
"trust": 0.3,
"vendor": "vmware",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.24"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.57"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.7.9"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.88"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.44"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.27"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.82"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.15"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.70"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.51"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.9"
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.55"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel 3.8-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "virtuozzo",
"scope": "eq",
"trust": 0.3,
"vendor": "virtuozzo",
"version": "6.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.2"
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
},
{
"model": "linux enterprise point of sale 11-sp3",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.72"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.8"
},
{
"model": "linux enterprise server 12-ltss",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.21"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.81"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.14"
},
{
"model": "linux enterprise software development kit sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "37.0.2062.119"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.54"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.123"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.50"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.3.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25.2"
},
{
"model": "android one",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.4"
},
{
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.59"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.3"
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.50"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.11"
},
{
"model": "kernel 3.19-rc2",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.113"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.60"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.35"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "linux enterprise server sp3 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.40"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux enterprise server for sap",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34.14"
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "8800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.48"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.18"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59007)0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.41"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.72"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.12"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux mrg",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.32"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.6"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.75"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.24"
},
{
"model": "linux cloudlinuxos",
"scope": "eq",
"trust": 0.3,
"vendor": "cloud",
"version": "5.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.66"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.38"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1153.4"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.62"
},
{
"model": "linux",
"scope": "ne",
"trust": 0.3,
"vendor": "coreos",
"version": "1122.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.64"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.63"
},
{
"model": "moonshot",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "48.0.2564.116"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.37"
},
{
"model": "junos space 15.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.53"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.1"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.93"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux enterprise debuginfo sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.61"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.41"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.71"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "linux enterprise workstation extension sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.6"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5x"
},
{
"model": "kernel 3.9-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.51"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.57"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27.49"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.5"
},
{
"model": "fusioncube v100r002c60spc100",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.21"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.7"
},
{
"model": "vds-tv vault",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.31"
},
{
"model": "kernel 3.11-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.40"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1153.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9"
},
{
"model": "hsr6600 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7)0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1183.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.39"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.18"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11"
},
{
"model": "chrome os",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "54.0.2840.79"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.37"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.171"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.73"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.57"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.79"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.13"
},
{
"model": "helion cloudsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0.1"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.73"
},
{
"model": "dcm series d990x digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14-1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.156"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.56"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 0.3,
"vendor": "opensuse",
"version": "42.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.3"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.64"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "57007)0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.58"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1192.2"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.33"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.56"
},
{
"model": "junos space 14.1r1.9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.154"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.25"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.6"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.172"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.30"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.9"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "cloudengine v200r001sph002",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.43"
},
{
"model": "vrealize operations",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.1.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.152"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.18"
},
{
"model": "kernel 3.11-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.7"
},
{
"model": "helion cloudsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.61"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.43"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.1"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.8"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.44"
},
{
"model": "kernel 4.4-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.10"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.0"
},
{
"model": "vsr (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7)0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.152"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.73"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.55"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.65"
},
{
"model": "ar3200 v200r006c13",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "kernel 3.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59207)0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.7"
},
{
"model": "smart net total care onprem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.54"
},
{
"model": "update hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "virtuozzo",
"version": "6.011"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.11"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space 16.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.161"
},
{
"model": "vrealize operations",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9.8"
},
{
"model": "fusioncube v100r002c60rc1",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.42"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.30"
},
{
"model": "ar3200 v200r006c12",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.38.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.32"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.23"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.43"
},
{
"model": "hsr6800 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7)0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.94"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.3"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1185.0"
},
{
"model": "manager proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.9"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.41"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.91"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.26"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.46"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.4"
},
{
"model": "kernel 3.7-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "cloudengine v100r005c10",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.18"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.19"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.39"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.4"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.10.140.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.5"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.58"
},
{
"model": "propel",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.01"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.28"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.134.14"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.76"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.21"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.15"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.79"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.74"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.131.0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.2.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.7"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.2.4.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.63"
},
{
"model": "ar3200 v200r007c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.6"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "cloudengine v200r001sph002",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.13"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "vds-tv caching nodes",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.5"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.19"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.55"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.72"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.12"
},
{
"model": "helion openstack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.0.1"
},
{
"model": "ar3200 v200r006c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.82"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.38"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.55"
},
{
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.37.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.90"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.52"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.8.3"
},
{
"model": "linux",
"scope": "ne",
"trust": 0.3,
"vendor": "coreos",
"version": "1185.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1.8"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.0"
},
{
"model": "kernel 3.14-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.11"
},
{
"model": "kernel 4.3-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.126.0"
},
{
"model": "kernel 4.1-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.3"
},
{
"model": "cloudengine v100r005c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "12800"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.5"
},
{
"model": "propel",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.1"
},
{
"model": "server bare metal",
"scope": "eq",
"trust": 0.3,
"vendor": "virtuozzo",
"version": "5.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.159"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.68"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.20"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.34"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.24"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.30"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.93"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.38"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.50"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.84"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.51"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.86"
},
{
"model": "cloudengine v100r006c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.173"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.29"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.34"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1185.1"
},
{
"model": "manager",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "2.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.45"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.44"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.37"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.54"
},
{
"model": "5130hi",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linux enterprise debuginfo sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "propel",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.10"
},
{
"model": "helion cloudsystem",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.0.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.2"
},
{
"model": "nexus player",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.126"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.78"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.49"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.9"
},
{
"model": "pixel c",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.26"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.21"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.4"
},
{
"model": "junos space 14.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.6"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "kernel 4.1-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.18"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.118"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.75"
},
{
"model": "linux enterprise live patching",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.58"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.44"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.70"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.52"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.50"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.2.72"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.87"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.35"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.81"
},
{
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.92"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.37"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.10"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19507)0"
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125007)0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.36"
},
{
"model": "helion cloudsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.86"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.47"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.85"
},
{
"model": "ar3200 v200r006c16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.0"
},
{
"model": "kernel 3.11-rc4",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "40.0.2214.114"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.24"
},
{
"model": "helion openstack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "53.0.2785.103"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.42"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.51"
},
{
"model": "vrealize automation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.56"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.343"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.17"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "4.4.26"
},
{
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cloudengine v100r003c10",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.42"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "52.0.2743.85"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.125"
},
{
"model": "cloudengine v100r002c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.11"
},
{
"model": "vrealize operations",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.2.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19"
},
{
"model": "kernel 3.17-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "(comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59407)0"
},
{
"model": "prime service catalog virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "propel",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.22"
},
{
"model": "pixel",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "48.0.2564.92"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.14"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.52"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.35.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.18"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "coreos",
"version": "1180.0"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cloudengine v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6800"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364160"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.51"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.28"
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "nexus 6p",
"scope": null,
"trust": 0.3,
"vendor": "google",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.3"
},
{
"model": "videoscape distribution suite video recording",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.4.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.31.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "53.0.2785.144"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.69"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.45"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.36"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.8.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.32.8"
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.23"
},
{
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "msr4000 (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7)0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.29"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.122"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.35"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.36"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.47"
},
{
"model": "helion cloudsystem",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.6"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.77"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.0.98"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.00"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.119"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.17"
},
{
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.5"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "linux enterprise software development kit sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.30.4"
},
{
"model": "linux enterprise debuginfo sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "ar3200 v200r008c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.5.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.34.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.98"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.36"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0.9"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.10"
},
{
"model": "cloudengine v100r003c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
},
{
"model": "(comware r3108p03",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51307)"
},
{
"model": "cloudengine v200r001sph002",
"scope": "ne",
"trust": 0.3,
"vendor": "huawei",
"version": "7800"
}
],
"sources": [
{
"db": "BID",
"id": "93793"
},
{
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.4.113",
"versionStartIncluding": "3.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.83",
"versionStartIncluding": "2.6.22",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.10.104",
"versionStartIncluding": "3.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.12.66",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.16.38",
"versionStartIncluding": "3.13",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.18.44",
"versionStartIncluding": "3.17",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.1.35",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.26",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.7.9",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.8.3",
"versionStartIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_tus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_aus:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_long_life:5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_aus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Phil Oester.",
"sources": [
{
"db": "BID",
"id": "93793"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5195",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-5195",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5195",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-5195",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-5195"
},
{
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\". Linux kernel is prone to a local privilege-escalation vulnerability. \nLocal attackers may exploit this issue to gain elevated privileges. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel-rt security update\nAdvisory ID: RHSA-2016:2110-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-2110.html\nIssue date: 2016-10-26\nCVE Names: CVE-2016-5195 CVE-2016-7039 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel-rt is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. An unprivileged, local user could use this flaw to gain write\naccess to otherwise read-only memory mappings and thus increase their\nprivileges on the system. (CVE-2016-5195, Important)\n\n* Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR\nVirtual eXtensible Local Area Network(CONFIG_VXLAN) with Transparent\nEthernet Bridging(TEB) GRO support, is vulnerable to a stack overflow\nissue. It could occur while receiving large packets via GRO path; As an\nunlimited recursion could unfold in both VLAN and TEB modules, leading to a\nstack corruption in the kernel. (CVE-2016-7039, Important)\n\nRed Hat would like to thank Phil Oester for reporting CVE-2016-5195. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1375944 - CVE-2016-7039 kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash\n1384344 - CVE-2016-5195 kernel: mm: privilege escalation via MAP_PRIVATE COW breakage\n\n6. Package List:\n\nRed Hat Enterprise Linux for Real Time for NFV (v. 7):\n\nSource:\nkernel-rt-3.10.0-327.36.3.rt56.238.el7.src.rpm\n\nnoarch:\nkernel-rt-doc-3.10.0-327.36.3.rt56.238.el7.noarch.rpm\n\nx86_64:\nkernel-rt-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debug-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debug-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debug-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debug-kvm-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debug-kvm-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debuginfo-common-x86_64-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-kvm-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-kvm-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-trace-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-trace-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-trace-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-trace-kvm-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-trace-kvm-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Realtime (v. 7):\n\nSource:\nkernel-rt-3.10.0-327.36.3.rt56.238.el7.src.rpm\n\nnoarch:\nkernel-rt-doc-3.10.0-327.36.3.rt56.238.el7.noarch.rpm\n\nx86_64:\nkernel-rt-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debug-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debug-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debug-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-debuginfo-common-x86_64-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-trace-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-trace-debuginfo-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\nkernel-rt-trace-devel-3.10.0-327.36.3.rt56.238.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-5195\nhttps://access.redhat.com/security/cve/CVE-2016-7039\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/2706661\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFYEKKsXlSAg2UNWIIRAmI+AJkB5tkOU2r9pjWJ4cYCSD9mtyJFBwCgt+er\nyvfTfHwrbVXZfa/y1n2XeMs=\n=LaOt\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03722en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbgn03722en_us\nVersion: 1\n\nHPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-03-30\nLast Updated: 2017-03-30\n\nPotential Security Impact: Local: Escalation of Privilege\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nA security vulnerability in Linux kernel, also known as \"Dirty COW\", has been\naddressed in HPE Operations Agent. This vulnerability could be exploited\nlocally to allow escalation of privilege. \n\nReferences:\n\n - CVE-2016-5195 - Linux kernel vulnerability, Dirty \"COW\" \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HPE Operations agent software - v11.11, v11.12, v11.13, v11.14\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-5195\n 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\n 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following mitigation steps available to resolve the\nvulnerability in the impacted versions of HPE Operations Agent. Login to the Operations Agent system with root privileges \n2. Update the system using \u0027yum update kernel\u0027 command\n3. Reboot the server using \u0027/sbin/shutdown -r now\u0027 command\n\nPlease contact HPE Technical Support if any assistance is needed regarding\nthe mitigation steps. \n\nHISTORY\nVersion:1 (rev.1) - 30 March 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n==========================================================================\nUbuntu Security Notice USN-3104-1\nOctober 20, 2016\n\nlinux vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nThe system could be made to run programs as an administrator. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n linux-image-3.2.0-113-generic 3.2.0-113.155\n linux-image-3.2.0-113-generic-pae 3.2.0-113.155\n linux-image-3.2.0-113-highbank 3.2.0-113.155\n linux-image-3.2.0-113-omap 3.2.0-113.155\n linux-image-3.2.0-113-powerpc-smp 3.2.0-113.155\n linux-image-3.2.0-113-powerpc64-smp 3.2.0-113.155\n linux-image-3.2.0-113-virtual 3.2.0-113.155\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5195"
},
{
"db": "BID",
"id": "93793"
},
{
"db": "VULMON",
"id": "CVE-2016-5195"
},
{
"db": "PACKETSTORM",
"id": "139337"
},
{
"db": "PACKETSTORM",
"id": "139255"
},
{
"db": "PACKETSTORM",
"id": "141870"
},
{
"db": "PACKETSTORM",
"id": "139250"
}
],
"trust": 1.62
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40611",
"trust": 0.5,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-5195"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5195",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#243144",
"trust": 1.3
},
{
"db": "JUNIPER",
"id": "JSA10770",
"trust": 1.3
},
{
"db": "BID",
"id": "93793",
"trust": 1.3
},
{
"db": "MCAFEE",
"id": "SB10177",
"trust": 1.0
},
{
"db": "MCAFEE",
"id": "SB10222",
"trust": 1.0
},
{
"db": "MCAFEE",
"id": "SB10176",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "139287",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "139277",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "139923",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "139286",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "142151",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "139922",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/08/08/1",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/08/08/2",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/10/30/1",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/10/27/13",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/08/08/7",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/10/21/1",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/08/08/8",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/10/26/7",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/11/03/7",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/08/15/1",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/08/09/4",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/07/1",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "40839",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "40616",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "40611",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "40847",
"trust": 1.0
},
{
"db": "JUNIPER",
"id": "JSA10774",
"trust": 1.0
},
{
"db": "JUNIPER",
"id": "JSA10807",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1037078",
"trust": 1.0
},
{
"db": "VULMON",
"id": "CVE-2016-5195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139337",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139255",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139250",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-5195"
},
{
"db": "BID",
"id": "93793"
},
{
"db": "PACKETSTORM",
"id": "139337"
},
{
"db": "PACKETSTORM",
"id": "139255"
},
{
"db": "PACKETSTORM",
"id": "141870"
},
{
"db": "PACKETSTORM",
"id": "139250"
},
{
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"id": "VAR-201611-0386",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.7783290715384616
},
"last_update_date": "2024-07-23T19:42:17.676000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: Important: kernel-rt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162110 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162124 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162128 - security advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162126 - security advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162106 - security advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162127 - security advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162120 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162132 - security advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162118 - security advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162098 - security advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162105 - security advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162133 - security advisory"
},
{
"title": "Red Hat: Important: kernel-rt security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162107 - security advisory"
},
{
"title": "Ubuntu Security Notice: linux-snapdragon vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3106-4"
},
{
"title": "Ubuntu Security Notice: linux-raspi2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3107-2"
},
{
"title": "Ubuntu Security Notice: linux vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3107-1"
},
{
"title": "Ubuntu Security Notice: linux vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3104-1"
},
{
"title": "Ubuntu Security Notice: linux-raspi2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3106-3"
},
{
"title": "Ubuntu Security Notice: linux vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3105-1"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3105-2"
},
{
"title": "Ubuntu Security Notice: linux-ti-omap4 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3104-2"
},
{
"title": "Ubuntu Security Notice: linux vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3106-1"
},
{
"title": "Ubuntu Security Notice: linux-lts-xenial vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3106-2"
},
{
"title": "Cisco: Cisco TelePresence Video Communication Server Test Validation Script Issue",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20181107-vcsd"
},
{
"title": "dirty-cow-toolkit",
"trust": 0.1,
"url": "https://github.com/roliboy/rootcow "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/yatt-ze/dirtycowandroid "
},
{
"title": "polaris-dict-a63-arch",
"trust": 0.1,
"url": "https://github.com/zaoqi/polaris-dict-a63-arch "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-5195"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.3,
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
},
{
"trust": 1.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"
},
{
"trust": 1.3,
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"trust": 1.3,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en"
},
{
"trust": 1.3,
"url": "https://github.com/dirtycow/dirtycow.github.io/wiki/pocs"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2118.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2120.html"
},
{
"trust": 1.3,
"url": "https://www.kb.cert.org/vuls/id/243144"
},
{
"trust": 1.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161026-linux"
},
{
"trust": 1.3,
"url": "https://github.com/dirtycow/dirtycow.github.io/wiki/vulnerabilitydetails"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/vulnerabilities/2706661"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2110.html"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5195"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-3106-3"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-3106-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-3104-1"
},
{
"trust": 1.0,
"url": "http://fortiguard.com/advisory/fg-ir-16-063"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10770"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10774"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10807"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/139277/kernel-live-patch-security-notice-lsn-0012-1.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/139286/dirtycow-linux-kernel-race-condition.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/139287/dirtycow-local-root-proof-of-concept.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/139922/linux-kernel-dirty-cow-ptrace_pokedata-privilege-escalation.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/139923/linux-kernel-dirty-cow-ptrace_pokedata-privilege-escalation.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/142151/kernel-live-patch-security-notice-lsn-0021-1.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2098.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2105.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2106.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2107.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2124.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2126.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2127.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2128.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2132.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2133.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2016/dsa-3696"
},
{
"trust": 1.0,
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/changelog-4.8.3"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2016/10/21/1"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2016/10/27/13"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2016/10/30/1"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2016/11/03/7"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2022/03/07/1"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/1"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/2"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/7"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/8"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2022/08/09/4"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2022/08/15/1"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/93793"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1037078"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-3104-2"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-3105-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-3105-2"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-3106-2"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-3106-4"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-3107-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-3107-2"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/errata/rhsa-2017:0372"
},
{
"trust": 1.0,
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"trust": 1.0,
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"
},
{
"trust": 1.0,
"url": "https://dirtycow.ninja"
},
{
"trust": 1.0,
"url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05352241"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03707en_us"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03722en_us"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03742en_us"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03761en_us"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05341463"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05347541"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05352241"
},
{
"trust": 1.0,
"url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10176"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10177"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10222"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/e7m62srp6czlj4zxcrzkv4wplqbsr7dt/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/nwmdlbwmgzkfhmrj7quqvcerp5qhdb6w/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/w3aprvdvpdbxlh4dc5ukzvcr742mjim3/"
},
{
"trust": 1.0,
"url": "https://people.canonical.com/~ubuntu-security/cve/2016/cve-2016-5195.html"
},
{
"trust": 1.0,
"url": "https://security-tracker.debian.org/tracker/cve-2016-5195"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20161025-0001/"
},
{
"trust": 1.0,
"url": "https://security.paloaltonetworks.com/cve-2016-5195"
},
{
"trust": 1.0,
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"trust": 1.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181107-vcsd"
},
{
"trust": 1.0,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/40611/"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/40616/"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/40839/"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/40847/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5195"
},
{
"trust": 0.3,
"url": "https://github.com/amluto/vulnerabilities/blob/master/others/cve-2016-5195/test_cve-2016-5195.c"
},
{
"trust": 0.3,
"url": "https://dirtycow.ninja/"
},
{
"trust": 0.3,
"url": "http://www.kernel.org/"
},
{
"trust": 0.3,
"url": "https://googlechromereleases.blogspot.in/2016/10/stable-channel-update-for-chrome-os_26.html"
},
{
"trust": 0.3,
"url": "https://kb.vmware.com/selfservice/microsites/search.do?language=en_us\u0026cmd=displaykc\u0026externalid=2147515"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10770\u0026actp=rss"
},
{
"trust": 0.3,
"url": "https://help.virtuozzo.com/customer/portal/articles/2613795"
},
{
"trust": 0.3,
"url": "https://help.virtuozzo.com/customer/portal/articles/2613794"
},
{
"trust": 0.3,
"url": "http://kb.odin.com/en/129683"
},
{
"trust": 0.3,
"url": "https://github.com/timwr/cve-2016-5195"
},
{
"trust": 0.3,
"url": "https://forum.proxmox.com/threads/cve-2016-5195-dirty-cow.29908/"
},
{
"trust": 0.3,
"url": "https://centos.org/forums/viewtopic.php?f=51\u0026p=252514"
},
{
"trust": 0.3,
"url": "https://www.cloudlinux.com/kernelcare-blog/entry/dirty-cow-vulnerability-the-fix-is-coming"
},
{
"trust": 0.3,
"url": "https://security-tracker.debian.org/tracker/dla-670-1"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05347541"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05352241"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05341463"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024478"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/73"
},
{
"trust": 0.3,
"url": "https://coreos.com/blog/cve-2016-5195.html"
},
{
"trust": 0.3,
"url": "https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1"
},
{
"trust": 0.3,
"url": "https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7cpanelcloudlinux/"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995667"
},
{
"trust": 0.3,
"url": "https://www.ubuntu.com/usn/usn-3104-1/"
},
{
"trust": 0.3,
"url": "https://www.ubuntu.com/usn/usn-3105-1/"
},
{
"trust": 0.3,
"url": "https://www.ubuntu.com/usn/usn-3105-2/"
},
{
"trust": 0.3,
"url": "https://www.ubuntu.com/usn/usn-3106-1/"
},
{
"trust": 0.3,
"url": "https://www.ubuntu.com/usn/usn-3106-2/"
},
{
"trust": 0.3,
"url": "https://www.ubuntu.com/usn/usn-3106-3/"
},
{
"trust": 0.3,
"url": "https://www.ubuntu.com/usn/usn-3106-4/"
},
{
"trust": 0.3,
"url": "https://www.ubuntu.com/usn/usn-3107-1/"
},
{
"trust": 0.3,
"url": "https://help.virtuozzo.com/customer/en/portal/articles/2613793"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2016-0018.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7039"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7039"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1029.36"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbgn03722en_us"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.2.0-113.155"
}
],
"sources": [
{
"db": "BID",
"id": "93793"
},
{
"db": "PACKETSTORM",
"id": "139337"
},
{
"db": "PACKETSTORM",
"id": "139255"
},
{
"db": "PACKETSTORM",
"id": "141870"
},
{
"db": "PACKETSTORM",
"id": "139250"
},
{
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-5195"
},
{
"db": "BID",
"id": "93793"
},
{
"db": "PACKETSTORM",
"id": "139337"
},
{
"db": "PACKETSTORM",
"id": "139255"
},
{
"db": "PACKETSTORM",
"id": "141870"
},
{
"db": "PACKETSTORM",
"id": "139250"
},
{
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-5195"
},
{
"date": "2016-10-19T00:00:00",
"db": "BID",
"id": "93793"
},
{
"date": "2016-10-26T14:03:09",
"db": "PACKETSTORM",
"id": "139337"
},
{
"date": "2016-10-20T15:37:52",
"db": "PACKETSTORM",
"id": "139255"
},
{
"date": "2017-03-31T16:11:41",
"db": "PACKETSTORM",
"id": "141870"
},
{
"date": "2016-10-20T15:37:15",
"db": "PACKETSTORM",
"id": "139250"
},
{
"date": "2016-11-10T21:59:00.197000",
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-5195"
},
{
"date": "2017-12-19T22:37:00",
"db": "BID",
"id": "93793"
},
{
"date": "2023-11-07T02:33:23.770000",
"db": "NVD",
"id": "CVE-2016-5195"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "93793"
},
{
"db": "PACKETSTORM",
"id": "139337"
},
{
"db": "PACKETSTORM",
"id": "139255"
},
{
"db": "PACKETSTORM",
"id": "139250"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability",
"sources": [
{
"db": "BID",
"id": "93793"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "93793"
}
],
"trust": 0.3
}
}
VAR-201606-0477
Vulnerability from variot - Updated: 2024-07-23 19:37The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)
-
It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. (CVE-2016-2178)
-
It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. (CVE-2016-2179)
-
A flaw was found in the Datagram TLS (DTLS) replay protection implementation in OpenSSL. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)
-
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code. (CVE-2016-2182)
-
A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.
-
An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets. (CVE-2016-6302)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. (CVE-2016-2180)
-
Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304 and CVE-2016-6306; and Karthikeyan Bhargavan (Inria) and GaA<<tan Leurent (Inria) as the original reporters of CVE-2016-2183.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as aCritical Severity,a one as aModerate Severity,a and the other 12 as aLow Severity.a
Subsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. One of the new vulnerabilities was rated as aHigh Severitya and the other as aModerate Severity.a
Of the 16 released vulnerabilities: Fourteen track issues that could result in a denial of service (DoS) condition One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system
Five of the 16 vulnerabilities affect exclusively the recently released OpenSSL versions that belong to the 1.1.0 code train, which has not yet been integrated into any Cisco product.
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. Description:
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release includes bug fixes as well as a new release of OpenSSL. For further information, see the knowledge base article linked to in the References section. The JBoss server process must be restarted for the update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.
We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38
After a standard system update you need to reboot your computer to make all the necessary changes. (CVE-2016-4459, CVE-2016-8612)
-
A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808)
-
A memory leak flaw was fixed in expat. Solution:
The References section of this erratum contains a download link (you must log in to download the update). JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0477",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "7"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "11.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.16"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.2.0"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.1.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.47"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.0"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "linux enterprise module for web scripting",
"scope": "eq",
"trust": 0.8,
"vendor": "suse",
"version": "12"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "(linux edition )"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v8.2 to v9.4"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v8.5"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.3.0.1098"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4.1102"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.4.7895"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.15"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.14"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.13"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.9"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.8"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.5"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.33"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.32"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.31"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.11"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.10"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.1.1"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.2.0"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.1.0"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.0.2"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.0.1"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.4.1.5.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.2.0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.3.0"
},
{
"model": "project openssl 1.0.0h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "project openssl 0.9.8u",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.11"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "project openssl 1.0.2h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0x"
},
{
"model": "project openssl 1.0.0t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zh",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zg",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zf",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8ze",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zd",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8."
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "tealeaf customer experience on cloud network capture add-on",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.1.01"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.1.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.0.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.0.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.4"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.3"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.2"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"model": "storediq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.4"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.3"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.0"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.8"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.6"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.1"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.6.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.6.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.5.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.4.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.3.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.2.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.1.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.14"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.13"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.12"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.11"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.21"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.20"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.19"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.18"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "openssh for gpfs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.3.0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "bigfix remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "api connect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center enterprise live data server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "telepresence system tx9000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-37"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-32"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1100"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa51x ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "one portal",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "nexus intercloud for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobility services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "configuration professional",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "broadband access center telco and wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent desktop",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "series stackable",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.7"
},
{
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.0"
},
{
"model": "x-series xos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "10.0"
},
{
"model": "ssl visibility",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.9"
},
{
"model": "ssl visibility 3.8.4fc",
"scope": null,
"trust": 0.3,
"vendor": "bluecoat",
"version": null
},
{
"model": "policycenter s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "policycenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.2"
},
{
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.6"
},
{
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.5"
},
{
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.4"
},
{
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.3"
},
{
"model": "packetshaper s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "11.2"
},
{
"model": "packetshaper",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "9.2"
},
{
"model": "norman shark scada protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"model": "norman shark network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"model": "norman shark industrial control system protection",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.3"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.7"
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "sonas",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.5"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3.1"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.5"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.11"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.7.0.0"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0.0"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.15"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"model": "bigfix remote control",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
}
],
"sources": [
{
"db": "BID",
"id": "91081"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.12.16",
"versionStartIncluding": "0.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.10.47",
"versionStartIncluding": "0.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.6.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.7.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "140182"
}
],
"trust": 0.4
},
"cve": "CVE-2016-2178",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2178",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-2178",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2178",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-2178",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2178"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. OpenSSL is prone to a local information-disclosure vulnerability. \nLocal attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:1940-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date: 2016-09-27\nCVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that OpenSSL did not always use constant time\noperations when computing Digital Signature Algorithm (DSA) signatures. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. \n(CVE-2016-2179)\n\n* A flaw was found in the Datagram TLS (DTLS) replay protection\nimplementation in OpenSSL. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. An attacker able to make an application using OpenSSL to process\na large BIGNUM could cause the application to crash or, possibly, execute\narbitrary code. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. A remote attacker could use this\nflaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for\nsession tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. (CVE-2016-2180)\n\n* Multiple out of bounds read flaws were found in the way OpenSSL handled\ncertain TLS/SSL protocol handshake messages. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. Upstream\nacknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter\nof CVE-2016-6304 and CVE-2016-6306; and Karthikeyan Bhargavan (Inria) and\nGaA\u003c\u003ctan Leurent (Inria) as the original reporters of CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as aCritical Severity,a one as aModerate Severity,a and the other 12 as aLow Severity.a\n\nSubsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. One of the new vulnerabilities was rated as aHigh Severitya and the other as aModerate Severity.a\n\nOf the 16 released vulnerabilities:\n Fourteen track issues that could result in a denial of service (DoS) condition\n One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality\n One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system\n\nFive of the 16 vulnerabilities affect exclusively the recently released OpenSSL versions that belong to the 1.1.0 code train, which has not yet been integrated into any Cisco product. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. Description:\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server. \n\nThis release includes bug fixes as well as a new release of OpenSSL. For\nfurther information, see the knowledge base article linked to in the\nReferences section. The JBoss server process must be restarted for the update\nto take effect. After installing the updated\npackages, the httpd daemon will be restarted automatically. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2181)\n Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. \n (CVE-2016-2183)\n Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. (CVE-2016-4459,\nCVE-2016-8612)\n\n* A buffer overflow flaw when concatenating virtual host names and URIs was\nfixed in mod_jk. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2178"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"db": "BID",
"id": "91081"
},
{
"db": "VULMON",
"id": "CVE-2016-2178"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "138889"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "140182"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2178",
"trust": 3.0
},
{
"db": "BID",
"id": "91081",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10215",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/6",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/7",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/5",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/09/8",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/2",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/12",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/8",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/11",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/09/2",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/10",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/4",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036054",
"trust": 1.1
},
{
"db": "PULSESECURE",
"id": "SA40312",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003305",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2178",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143176",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138889",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138820",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138826",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140182",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2178"
},
{
"db": "BID",
"id": "91081"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "138889"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"id": "VAR-201606-0477",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4102494200000001
},
"last_update_date": "2024-07-23T19:37:05.973000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "HPSBGN03658",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Security updates for all active release lines, September 2016",
"trust": 0.8,
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"title": "Fix DSA, preserve BN_FLG_CONSTTIME",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2"
},
{
"title": "SUSE-SU-2016:2470",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Linux Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"title": "Bug 1343400",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343400"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "TLSA-2016-17",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-17j.html"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171659 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171658 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20170194 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20170193 - security advisory"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20161940 - security advisory"
},
{
"title": "Red Hat: CVE-2016-2178",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2178"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-2178"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-2"
},
{
"title": "Amazon Linux AMI: ALAS-2016-755",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-755"
},
{
"title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-23"
},
{
"title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-24"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162957 - security advisory"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2178 "
},
{
"title": "alpine-cvecheck",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2178"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-203",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 1.4,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343400"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.3,
"url": "http://www.ubuntu.com/usn/usn-3087-1"
},
{
"trust": 1.2,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:1658"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2017-1659.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-3087-2"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/09/8"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/2"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"trust": 1.1,
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91081"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036054"
},
{
"trust": 1.1,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"trust": 1.1,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"trust": 1.1,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:0194"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:0193"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3673"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
},
{
"trust": 1.1,
"url": "https://support.f5.com/csp/article/k53084033"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/12"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/11"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/10"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/6"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/5"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/4"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/8"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/7"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2017/jul/31"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/09/2"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=399944622df7bd81af62e67ea967c470534090e2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2178"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2178"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://eprint.iacr.org/2016/594"
},
{
"trust": 0.3,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995935"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991896"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994870"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009586"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1009648"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992427"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992681"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994534"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994861"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000242"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-8610"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8610"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/203.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2017:1659"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3087-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2180"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2181"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2179"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6302"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1626883"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-8612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3627"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5419"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7141"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2178"
},
{
"db": "BID",
"id": "91081"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "138889"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2178"
},
{
"db": "BID",
"id": "91081"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "138889"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2178"
},
{
"date": "2016-06-08T00:00:00",
"db": "BID",
"id": "91081"
},
{
"date": "2016-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"date": "2016-09-27T19:32:00",
"db": "PACKETSTORM",
"id": "138870"
},
{
"date": "2017-06-28T22:12:00",
"db": "PACKETSTORM",
"id": "143176"
},
{
"date": "2016-09-28T23:24:00",
"db": "PACKETSTORM",
"id": "138889"
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056"
},
{
"date": "2016-09-22T22:25:00",
"db": "PACKETSTORM",
"id": "138820"
},
{
"date": "2017-06-28T22:37:00",
"db": "PACKETSTORM",
"id": "143181"
},
{
"date": "2016-09-23T19:19:00",
"db": "PACKETSTORM",
"id": "138826"
},
{
"date": "2016-12-16T16:34:49",
"db": "PACKETSTORM",
"id": "140182"
},
{
"date": "2016-06-20T01:59:03.023000",
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2178"
},
{
"date": "2018-02-05T14:00:00",
"db": "BID",
"id": "91081"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003305"
},
{
"date": "2023-11-07T02:31:01.430000",
"db": "NVD",
"id": "CVE-2016-2178"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "91081"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of crypto/dsa/dsa_ossl.c of dsa_sign_setup In function DSA Vulnerability to obtain a private key",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003305"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "91081"
}
],
"trust": 0.3
}
}
VAR-201605-0077
Vulnerability from variot - Updated: 2024-07-22 22:40The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169. OpenSSL is prone to an information-disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. Note : This issue is the result of an incomplete fix for the issue described in 57778 (Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability) OpenSSL versions 1.0.2 prior to 1.0.2h are vulnerable. OpenSSL versions 1.0.1 prior to 1.0.1t are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03756en_us Version: 1
HPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-06-05 Last Updated: 2017-06-05
Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information.
References:
- CVE-2016-2105 - Remote Denial of Service (DoS)
- CVE-2016-2106 - Remote Denial of Service (DoS)
- CVE-2016-2107 - Remote disclosure of sensitive information
- CVE-2016-2108 - Remote Denial of Service (DoS)
- CVE-2016-2109 - Remote Denial of Service (DoS)
- CVE-2016-2176 - Remote Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- HP Intelligent Management Center (iMC) All versions - Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2105
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2106
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2107
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVE-2016-2108
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-2109
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVE-2016-2176
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates available to resolve the vulnerabilities in the Comware 7, iMC and VCX products running OpenSSL.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P02
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 10500 (Comware 7) - Version: R7184
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5900/5920 (Comware 7) - Version: R2422P02
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR1000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR2000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR3000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR4000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- VSR (Comware 7) - Version: E0324
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7900 (Comware 7) - Version: R2152
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130 (Comware 7) - Version: R3115
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6125XLG - Version: R2422P02
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6127XLG - Version: R2422P02
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- Moonshot - Version: R2432
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5700 (Comware 7) - Version: R2422P02
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5930 (Comware 7) - Version: R2422P02
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 1950 (Comware 7) - Version: R3115
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7500 (Comware 7) - Version: R7184
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5510HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5940 - Version: R2509
- HP Network Products
- JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch
- JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch
- JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch
- JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch
- JH396A HPE FlexFabric 5940 32QSFP+ Switch
- JH397A HPE FlexFabric 5940 2-slot Switch
- JH398A HPE FlexFabric 5940 4-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5950 - Version: R6123
- HP Network Products
- JH321A HPE FlexFabric 5950 32QSFP28 Switch
- JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch
- JH404A HPE FlexFabric 5950 4-slot Switch
- 12900E (Comware 7) - Version: R2609
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
iMC Products
- iNode PC 7.2 (E0410) - Version: 7.2 E0410
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
- iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
VCX Products
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 2 June 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Corrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE) 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2) 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16) 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33) 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE) 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41) CVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, CVE-2016-2176
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background
FreeBSD includes software from the OpenSSL Project.
II. [CVE-2016-2176] FreeBSD does not run on any EBCDIC systems and therefore is not affected.
III.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart all daemons that use the library, or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart all daemons that use the library, or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.x]
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc
gpg --verify openssl-10.patch.asc
[FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc
fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc
gpg --verify openssl-9.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart all daemons that use the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/9/ r299053 releng/9.3/ r299068 stable/10/ r298999 releng/10.1/ r299068 releng/10.2/ r299067 releng/10.3/ r299066
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII.
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0722-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0722.html Issue date: 2016-05-09 CVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2842 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 7. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. A remote attacker could use these flaws to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105, CVE-2016-2106)
-
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-0799, CVE-2016-2842)
-
A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. (CVE-2016-2109)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions 1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds 1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data 1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder 1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check 1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow 1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.5.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.5.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm openssl-devel-1.0.1e-51.el7_2.5.s390.rpm openssl-devel-1.0.1e-51.el7_2.5.s390x.rpm openssl-libs-1.0.1e-51.el7_2.5.s390.rpm openssl-libs-1.0.1e-51.el7_2.5.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.5.ppc64.rpm openssl-static-1.0.1e-51.el7_2.5.ppc.rpm openssl-static-1.0.1e-51.el7_2.5.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.5.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm openssl-perl-1.0.1e-51.el7_2.5.s390x.rpm openssl-static-1.0.1e-51.el7_2.5.s390.rpm openssl-static-1.0.1e-51.el7_2.5.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0799 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2107 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-2842 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXMFlTXlSAg2UNWIIRAhYAAJ0T9Ib2vXUa5te34i6fphHrbe0HlwCfePy5 WjaK8x9OaI0FgbWyfxvwq6o= =jHjh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. This could lead to a heap corruption. This could lead to a heap corruption.
CVE-2016-2108
David Benjamin from Google discovered that two separate bugs in the
ASN.1 encoder, related to handling of negative zero integer values
and large universal tags, could lead to an out-of-bounds write.
For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1.
A security vulnerability in QEMU was addressed by HPE Helion OpenStack. The vulnerability could be exploited resulting in local unauthorized data access.
References:
CVE-2016-2108 CVE-2016-2107 CVE-2016-3710 PSRT110142
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- . Description:
This release of Red Hat JBoss Core Services httpd 2.4.23 serves as a replacement for JBoss Core Services Apache HTTP Server 2.4.6. (CVE-2014-8176, CVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2177, CVE-2016-2178, CVE-2016-2842)
-
This update fixes several flaws in libxml2. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)
-
This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141)
-
This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)
-
This update fixes two flaws in mod_cluster. (CVE-2016-4459, CVE-2016-8612)
-
A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808)
-
A memory leak flaw was fixed in expat.
See the corresponding CVE pages linked to in the References section for more information about each of the flaws listed in this advisory. Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
After installing the updated packages, the httpd daemon will be restarted automatically. JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
6. OpenSSL Security Advisory [3rd May 2016]
Memory corruption in the ASN.1 encoder (CVE-2016-2108)
Severity: High
This issue affected versions of OpenSSL prior to April 2015. The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time.
In previous versions of OpenSSL, ASN.1 encoding the value zero represented as a negative integer can cause a buffer underflow with an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does not normally create "negative zeroes" when parsing ASN.1 input, and therefore, an attacker cannot trigger this bug.
However, a second, independent bug revealed that the ASN.1 parser (specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag as a negative zero value. Large universal tags are not present in any common ASN.1 structures (such as X509) but are accepted as part of ANY structures.
Therefore, if an application deserializes untrusted ASN.1 structures containing an ANY field, and later reserializes them, an attacker may be able to trigger an out-of-bounds write. This has been shown to cause memory corruption that is potentially exploitable with some malloc implementations.
Applications that parse and re-encode X509 certificates are known to be vulnerable. Applications that verify RSA signatures on X509 certificates may also be vulnerable; however, only certificates with valid signatures trigger ASN.1 re-encoding and hence the bug. Specifically, since OpenSSL's default TLS X509 chain verification code verifies the certificate chain from root to leaf, TLS handshakes could only be targeted with valid certificates issued by trusted Certification Authorities.
OpenSSL 1.0.2 users should upgrade to 1.0.2c OpenSSL 1.0.1 users should upgrade to 1.0.1o
This vulnerability is a combination of two bugs, neither of which individually has security impact. The first bug (mishandling of negative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala (Red Hat) and independently by Hanno Böck in April 2015. The second issue (mishandling of large universal tags) was found using libFuzzer, and reported on the public issue tracker on March 1st 2016. The fact that these two issues combined present a security vulnerability was reported by David Benjamin (Google) on March 31st 2016. The fixes were developed by Steve Henson of the OpenSSL development team, and David Benjamin. The OpenSSL team would also like to thank Mark Brand and Ian Beer from the Google Project Zero team for their careful analysis of the impact.
The fix for the "negative zero" memory corruption bug can be identified by commits
3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2) and 32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1)
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
Severity: High
A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server support AES-NI.
This issue was introduced as part of the fix for Lucky 13 padding attack (CVE-2013-0169). The padding check was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 13th of April 2016 by Juraj Somorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx of the OpenSSL development team.
EVP_EncodeUpdate overflow (CVE-2016-2105)
Severity: Low
An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption.
Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the PEM_write_bio family of functions. These are mainly used within the OpenSSL command line applications. These internal uses are not considered vulnerable because all calls are bounded with length checks so no overflow is possible. User applications that call these APIs directly with large amounts of untrusted data may be vulnerable. (Note: Initial analysis suggested that the PEM_write_bio were vulnerable, and this is reflected in the patch commit message. This is no longer believed to be the case).
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
EVP_EncryptUpdate overflow (CVE-2016-2106)
Severity: Low
An overflow can occur in the EVP_EncryptUpdate() function. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption. Following an analysis of all OpenSSL internal usage of the EVP_EncryptUpdate() function all usage is one of two forms. The first form is where the EVP_EncryptUpdate() call is known to be the first called function after an EVP_EncryptInit(), and therefore that specific call must be safe. The second form is where the length passed to EVP_EncryptUpdate() can be seen from the code to be some small value and therefore there is no possibility of an overflow. Since all instances are one of these two forms, it is believed that there can be no overflows in internal code due to this problem. It should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths. Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances of these calls have also been analysed too and it is believed there are no instances in internal usage where an overflow could occur.
This could still represent a security issue for end user code that calls this function directly.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
ASN.1 BIO excessive memory allocation (CVE-2016-2109)
Severity: Low
When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory.
Any application parsing untrusted data through d2i BIO functions is affected. The memory based functions such as d2i_X509() are not affected. Since the memory based functions are used by the TLS library, TLS applications are not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. The fix was developed by Stephen Henson of the OpenSSL development team.
EBCDIC overread (CVE-2016-2176)
Severity: Low
ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer.
OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t
This issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160503.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0077",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "5.0.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.10"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.1"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "2.1.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.14"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "5.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.4.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.3"
},
{
"model": "node.js",
"scope": "eq",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.0.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.4.4"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.2.2"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.11.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.4"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "5.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.4.2"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "5.1.0"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.1.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.45"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.3.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.2.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.4.3"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "2.0.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.1.2"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.2.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.0.0"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "paging server",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "network performance analytics",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2.1"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.53"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"model": "nexus series blade switches 0.9.8zf",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.216"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.35"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "tivoli netcool system service monitors fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.6"
},
{
"model": "tivoli netcool system service monitors fp15",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "ata analog telephone adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1879.2.5"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10.1"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90008.3"
},
{
"model": "spa50x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli netcool system service monitors fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-109"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"model": "buildforge",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified workforce optimization quality management sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "xenserver common criteria",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0.2"
},
{
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8961"
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.11"
},
{
"model": "spa122 ata with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "10.2-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "communications session border controller scz7.3.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.3"
},
{
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.17"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.0-13"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.16"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.7"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "netezza platform software 7.1.0.9-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "webex meetings for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "flex system fc3171 8gb san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"model": "ios software and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.1"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.4.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.19"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.7"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "sterling connect:direct for hp nonstop ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6.0.1030"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.4"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v5000-"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "jabber for android mr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.12"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.7"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-110"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"model": "helion openstack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.63"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30-12"
},
{
"model": "tivoli netcool system service monitors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "cognos tm1 fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "life sciences data hub",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.3"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.1"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "netezza platform software",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.3"
},
{
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "webex messenger service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "10.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.10"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.2"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "packet tracer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.6"
},
{
"model": "infosphere data explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.10"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-108"
},
{
"model": "sterling connect:express for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "operations agent",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "11.16"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "flashsystem 9848-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "netezza platform software 7.2.0.7-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "edge digital media player 1.6rb4 5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "9.3-release-p36",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "spa30x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.12.2"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.4.7"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"model": "light",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "9.3-release-p41",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "flex system fc3171 8gb san switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.8.01.00"
},
{
"model": "lancope stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agile engineering data management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.0.0"
},
{
"model": "cloud object store",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8"
},
{
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.4"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "asa cx and prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "10.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0.2"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0(0.400)"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.4.2"
},
{
"model": "life sciences data hub",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-04"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1.1"
},
{
"model": "prime license manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "infosphere data explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2-4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.12-01"
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "9.3-release-p39",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-114"
},
{
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.2"
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.2"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-08"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "globalprotect agent",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.1"
},
{
"model": "10.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "netezza platform software 7.2.1.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos tm1 interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p23",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "qradar siem mr2 patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.113"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.1"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.17"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.5"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.5"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "9.3-release-p34",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.13900.9)"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "network health framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.5"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "unified series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "780011.5.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6(3)"
},
{
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.5"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"model": "emergency responder",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "xenserver service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.21"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "prime collaboration assurance sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "flex system fc3171 8gb san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.15"
},
{
"model": "prime collaboration deployment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "project openssl 1.0.1t",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "webex recording playback client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.6"
},
{
"model": "9.3-release-p38",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"model": "10.2-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli netcool system service monitors interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.014-01"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.4"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "10.2-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0-"
},
{
"model": "10.1-release-p27",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.3.4"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.36"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "flashsystem 9846-ac0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.3"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.7"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.34"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.6.1"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.4.0"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.4"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"model": "globalprotect agent",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.0"
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "mds series multilayer switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "communications unified session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.3.5"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "unified sip proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.2"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "unified communications for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli composite application manager for transactions if03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.4"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.5"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "16.0"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.5"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.1"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.0"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.3"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.3.0"
},
{
"model": "algo audit and compliance if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.32"
},
{
"model": "spa525g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.1"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9971"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "rational tau interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.14"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5:20"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1.1"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.0"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "virtual security gateway vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flashsystem 9843-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "900"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.18"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings for wp8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1"
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security privileged identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "10.1-release-p30",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "intelligent automation for cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.9.8"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.4"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.1.0.0"
},
{
"model": "communications eagle lnp application processor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "edge digital media player",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3401.2.0.20"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.4"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.4"
},
{
"model": "10.1-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "infosphere information server on cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "mq appliance m2001",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.21"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.9"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.0"
},
{
"model": "10.1-release-p33",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence conductor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "unified ip phones 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.0"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50008.3"
},
{
"model": "10.1-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "communications application session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.10000.5)"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "netezza platform software 7.2.1.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3500-"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "sun ray operating software",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.7"
},
{
"model": "spa232d multi-line dect ata",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.0.0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3700-"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19.0"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.12"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"model": "10.1-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1.1"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.8"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7(0)"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "project openssl 1.0.2h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "policy suite",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "communications unified session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.2.5"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager session management edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "mysql enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.1"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2.1"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos insight fp if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.126"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.19"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.1"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.2"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.2"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.3"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "telepresence isdn link",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.6"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.119"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.3.0"
},
{
"model": "10.1-release-p26",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.8"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "ucs central 1.5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.3.5"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "15.0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.20"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"model": "10.2-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70000"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.7"
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.15"
},
{
"model": "webex node for mcs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.12.9.8"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.8"
},
{
"model": "light",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.4.1"
},
{
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.16"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.8"
},
{
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.0.5"
},
{
"model": "connected analytics for collaboration 1.0.1q",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6.7"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "openssh for gpfs for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0.31"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.12"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.3"
},
{
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p35",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.3"
},
{
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "10.2-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa50x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "netezza platform software 7.2.0.8-p1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.14"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.4.0.0"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.00"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "connected grid router-cgos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "spa30x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client on premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1)"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "connected grid router 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "counter fraud management for safer payments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.2"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.17"
},
{
"model": "unified wireless ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1"
},
{
"model": "10.2-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "spa51x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.2"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2.1)"
},
{
"model": "physical access control gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "application and content networking system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.41"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.11"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "mds series multilayer switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.8"
},
{
"model": "flashsystem 9846-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "mobility services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.4"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.18"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "cognos business intelligence fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.12"
},
{
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.21"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8945"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1.10000.12)"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager 10.5 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "prime optical for sps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.4"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.6"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.8"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "virtual security gateway for microsoft hyper-v vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "primavera p6 professional project management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.4"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.1"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.21"
},
{
"model": "security access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9951"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.17"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.4-12"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "900012.0"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.32"
},
{
"model": "tivoli netcool system service monitors",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "unified series ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified communications manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.7"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "communications webrtc session controller",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.2"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.3"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.9"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p29",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
},
{
"model": "spa51x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.10"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "10.2-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.3.6"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.2"
},
{
"model": "mediasense 9.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications session border controller scz7.4.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "cognos insight fp",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.26"
},
{
"model": "communications session router scz740",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "im and presence service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"model": "series ip phones vpn feature",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-11.5.2"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.1.1"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.1-release-p28",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "light",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.4.0"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"model": "flashsystem 9848-ac1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security appscan enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "meetingplace",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.2"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "webex messenger service ep1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.3"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.17"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"model": "netezza platform software 7.2.0.4-p2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"model": "cognos insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.15"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.117"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "bigfix remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.01"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "websphere cast iron",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.6"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.6"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "flashsystem 9840-ae2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "900"
},
{
"model": "webex meetings client hosted t31r1sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.8"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"model": "netezza platform software",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "ata series analog terminal adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.3.1"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "identity services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "qradar siem/qrif/qrm/qvm patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.71"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "netezza platform software 7.2.0.4-p3",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "lancope stealthwatch smc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on virtual machine mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60008.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.2-9"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70008.3"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6.1146-113"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3(1)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.12"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.2"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "rational software architect for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0.0.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system fc3171 8gb san switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.2.9"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.3.3"
},
{
"model": "webex meetings client on premises",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "communications session router scz730",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.1"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.10"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "agile engineering data management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.3.0"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.1.0"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "10.2-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.11"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "tivoli netcool system service monitors fp14",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.2"
},
{
"model": "9.3-release-p33",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa525g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.1"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller 1.0.3394m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "telepresence content server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50007.3.1"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "mq appliance m2000",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.3.2"
},
{
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "mobile security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0.1"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "rational software architect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "9.3-release-p31",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.7"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.3"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"model": "webex meetings server ssl gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "tivoli composite application manager for transactions if37",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.1"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "connected grid router cgos 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "communications session router ecz730",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.3-release-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "emergency responder 10.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.2"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "xenserver service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.51"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79009.4(2)"
},
{
"model": "video surveillance media server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9"
},
{
"model": "10.2-release-p16",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "buildforge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "watson explorer foundational components",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"model": "anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.5"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "infosphere information server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.7"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.33"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational team concert",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "89760"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
},
{
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1s",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:helion_openstack:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:helion_openstack:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.12.14",
"versionStartIncluding": "0.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.10.45",
"versionStartIncluding": "0.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.4",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.11.1",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juraj Somorovsky using TLS-Attacker",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2107",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2016-2107",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2107",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-080",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-2107",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2107"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
},
{
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169. OpenSSL is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. \nNote : This issue is the result of an incomplete fix for the issue described in 57778 (Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability)\nOpenSSL versions 1.0.2 prior to 1.0.2h are vulnerable. \nOpenSSL versions 1.0.1 prior to 1.0.1t are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03756en_us\nVersion: 1\n\nHPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX\nrunning OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-06-05\nLast Updated: 2017-06-05\n\nPotential Security Impact: Remote: Denial of Service (DoS), Disclosure of\nSensitive Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities with OpenSSL have been addressed for HPE\nnetwork products including Comware 7, iMC, and VCX. The vulnerabilities could\nbe remotely exploited resulting in Denial of Service (DoS) or disclosure of\nsensitive information. \n\nReferences:\n\n - CVE-2016-2105 - Remote Denial of Service (DoS)\n - CVE-2016-2106 - Remote Denial of Service (DoS)\n - CVE-2016-2107 - Remote disclosure of sensitive information\n - CVE-2016-2108 - Remote Denial of Service (DoS)\n - CVE-2016-2109 - Remote Denial of Service (DoS)\n - CVE-2016-2176 - Remote Denial of Service (DoS)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - VCX Products All versions - Please refer to the RESOLUTION below for a\nlist of updated products. \n - Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - HP Intelligent Management Center (iMC) All versions - Please refer to the\nRESOLUTION below for a list of updated products. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2105\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2106\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2107\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n CVE-2016-2108\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-2109\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\n CVE-2016-2176\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\n 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates available to resolve the\nvulnerabilities in the Comware 7, iMC and VCX products running OpenSSL. \n\n**COMWARE 7 Products**\n\n + 12500 (Comware 7) - Version: R7377P02\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 10500 (Comware 7) - Version: R7184\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5900/5920 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR1000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR2000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR3000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR4000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + VSR (Comware 7) - Version: E0324\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7900 (Comware 7) - Version: R2152\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130 (Comware 7) - Version: R3115\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6125XLG - Version: R2422P02\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6127XLG - Version: R2422P02\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + Moonshot - Version: R2432\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5700 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5930 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 1950 (Comware 7) - Version: R3115\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7500 (Comware 7) - Version: R7184\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5510HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5940 - Version: R2509\n * HP Network Products\n - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch\n - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch\n - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch\n - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch\n - JH396A HPE FlexFabric 5940 32QSFP+ Switch\n - JH397A HPE FlexFabric 5940 2-slot Switch\n - JH398A HPE FlexFabric 5940 4-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5950 - Version: R6123\n * HP Network Products\n - JH321A HPE FlexFabric 5950 32QSFP28 Switch\n - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch\n - JH404A HPE FlexFabric 5950 4-slot Switch\n + 12900E (Comware 7) - Version: R2609\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**iMC Products**\n\n + iNode PC 7.2 (E0410) - Version: 7.2 E0410\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n + iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**VCX Products**\n\n + VCX - Version: 9.8.19\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 2 June 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \nCorrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE)\n 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2)\n 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16)\n 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33)\n 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE)\n 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41)\nCVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109,\n CVE-2016-2176\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. \n\nII. [CVE-2016-2176]\nFreeBSD does not run on any EBCDIC systems and therefore is not affected. \n\nIII. \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart all daemons that use the library, or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart all daemons that use the library, or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.x]\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc\n# gpg --verify openssl-10.patch.asc\n\n[FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc\n# fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc\n# gpg --verify openssl-9.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all daemons that use the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/9/ r299053\nreleng/9.3/ r299068\nstable/10/ r298999\nreleng/10.1/ r299068\nreleng/10.2/ r299067\nreleng/10.3/ r299066\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. Additionally, a time based side-channel\nattack may allow a local attacker to recover a private DSA key. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:0722-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0722.html\nIssue date: 2016-05-09\nCVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 \n CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 \n CVE-2016-2842 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 7. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially crafted\ncertificate which, when verified or re-encoded by OpenSSL, could cause it\nto crash, or execute arbitrary code using the permissions of the user\nrunning an application compiled against the OpenSSL library. A remote attacker could use these\nflaws to crash an application using OpenSSL or, possibly, execute arbitrary\ncode with the permissions of the user running that application. \n(CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. \n(CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL\u0027s I/O abstraction) inputs. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno B\u00f6ck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions\n1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds\n1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data\n1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder\n1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check\n1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow\n1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.5.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0799\nhttps://access.redhat.com/security/cve/CVE-2016-2105\nhttps://access.redhat.com/security/cve/CVE-2016-2106\nhttps://access.redhat.com/security/cve/CVE-2016-2107\nhttps://access.redhat.com/security/cve/CVE-2016-2108\nhttps://access.redhat.com/security/cve/CVE-2016-2109\nhttps://access.redhat.com/security/cve/CVE-2016-2842\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXMFlTXlSAg2UNWIIRAhYAAJ0T9Ib2vXUa5te34i6fphHrbe0HlwCfePy5\nWjaK8x9OaI0FgbWyfxvwq6o=\n=jHjh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. This could lead to a heap corruption. \n This could lead to a heap corruption. \n\nCVE-2016-2108\n\n David Benjamin from Google discovered that two separate bugs in the\n ASN.1 encoder, related to handling of negative zero integer values\n and large universal tags, could lead to an out-of-bounds write. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.0.2h-1. \n\nA security vulnerability in QEMU was addressed by HPE Helion OpenStack. The\nvulnerability could be exploited resulting in local unauthorized data access. \n\nReferences:\n\nCVE-2016-2108\nCVE-2016-2107\nCVE-2016-3710\nPSRT110142\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nbsdiff\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in bspatch. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n. Description:\n\nThis release of Red Hat JBoss Core Services httpd 2.4.23 serves as a\nreplacement for JBoss Core Services Apache HTTP Server 2.4.6. (CVE-2014-8176,\nCVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196,\nCVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799,\nCVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109,\nCVE-2016-2177, CVE-2016-2178, CVE-2016-2842)\n\n* This update fixes several flaws in libxml2. (CVE-2016-1762,\nCVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837,\nCVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705,\nCVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483)\n\n* This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420,\nCVE-2016-7141)\n\n* This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185)\n\n* This update fixes two flaws in mod_cluster. (CVE-2016-4459,\nCVE-2016-8612)\n\n* A buffer overflow flaw when concatenating virtual host names and URIs was\nfixed in mod_jk. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. \n\nSee the corresponding CVE pages linked to in the References section for\nmore information about each of the flaws listed in this advisory. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). \n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6. OpenSSL Security Advisory [3rd May 2016]\n========================================\n\nMemory corruption in the ASN.1 encoder (CVE-2016-2108)\n======================================================\n\nSeverity: High\n\nThis issue affected versions of OpenSSL prior to April 2015. The bug\ncausing the vulnerability was fixed on April 18th 2015, and released\nas part of the June 11th 2015 security releases. The security impact\nof the bug was not known at the time. \n\nIn previous versions of OpenSSL, ASN.1 encoding the value zero\nrepresented as a negative integer can cause a buffer underflow\nwith an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does\nnot normally create \"negative zeroes\" when parsing ASN.1 input, and\ntherefore, an attacker cannot trigger this bug. \n\nHowever, a second, independent bug revealed that the ASN.1 parser\n(specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag\nas a negative zero value. Large universal tags are not present in any\ncommon ASN.1 structures (such as X509) but are accepted as part of ANY\nstructures. \n\nTherefore, if an application deserializes untrusted ASN.1 structures\ncontaining an ANY field, and later reserializes them, an attacker may\nbe able to trigger an out-of-bounds write. This has been shown to\ncause memory corruption that is potentially exploitable with some\nmalloc implementations. \n\nApplications that parse and re-encode X509 certificates are known to\nbe vulnerable. Applications that verify RSA signatures on X509\ncertificates may also be vulnerable; however, only certificates with\nvalid signatures trigger ASN.1 re-encoding and hence the\nbug. Specifically, since OpenSSL\u0027s default TLS X509 chain verification\ncode verifies the certificate chain from root to leaf, TLS handshakes\ncould only be targeted with valid certificates issued by trusted\nCertification Authorities. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2c\nOpenSSL 1.0.1 users should upgrade to 1.0.1o\n\nThis vulnerability is a combination of two bugs, neither of which\nindividually has security impact. The first bug (mishandling of\nnegative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala\n(Red Hat) and independently by Hanno B\u00f6ck in April 2015. The second\nissue (mishandling of large universal tags) was found using libFuzzer,\nand reported on the public issue tracker on March 1st 2016. The fact\nthat these two issues combined present a security vulnerability was\nreported by David Benjamin (Google) on March 31st 2016. The fixes were\ndeveloped by Steve Henson of the OpenSSL development team, and David\nBenjamin. The OpenSSL team would also like to thank Mark Brand and\nIan Beer from the Google Project Zero team for their careful analysis\nof the impact. \n\nThe fix for the \"negative zero\" memory corruption bug can be\nidentified by commits\n\n3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2)\nand\n32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1)\n\nPadding oracle in AES-NI CBC MAC check (CVE-2016-2107)\n======================================================\n\nSeverity: High\n\nA MITM attacker can use a padding oracle attack to decrypt traffic\nwhen the connection uses an AES CBC cipher and the server support\nAES-NI. \n\nThis issue was introduced as part of the fix for Lucky 13 padding\nattack (CVE-2013-0169). The padding check was rewritten to be in\nconstant time by making sure that always the same bytes are read and\ncompared against either the MAC or padding bytes. But it no longer\nchecked that there was enough data to have both the MAC and padding\nbytes. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 13th of April 2016 by Juraj\nSomorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx\nof the OpenSSL development team. \n\nEVP_EncodeUpdate overflow (CVE-2016-2105)\n=========================================\n\nSeverity: Low\n\nAn overflow can occur in the EVP_EncodeUpdate() function which is used for\nBase64 encoding of binary data. If an attacker is able to supply very large\namounts of input data then a length check can overflow resulting in a heap\ncorruption. \n\nInternally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the\nPEM_write_bio* family of functions. These are mainly used within the OpenSSL\ncommand line applications. These internal uses are not considered vulnerable\nbecause all calls are bounded with length checks so no overflow is possible. \nUser applications that call these APIs directly with large amounts of untrusted\ndata may be vulnerable. (Note: Initial analysis suggested that the\nPEM_write_bio* were vulnerable, and this is reflected in the patch commit\nmessage. This is no longer believed to be the case). \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nEVP_EncryptUpdate overflow (CVE-2016-2106)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in the EVP_EncryptUpdate() function. If an attacker is\nable to supply very large amounts of input data after a previous call to\nEVP_EncryptUpdate() with a partial block then a length check can overflow\nresulting in a heap corruption. Following an analysis of all OpenSSL internal\nusage of the EVP_EncryptUpdate() function all usage is one of two forms. \nThe first form is where the EVP_EncryptUpdate() call is known to be the first\ncalled function after an EVP_EncryptInit(), and therefore that specific call\nmust be safe. The second form is where the length passed to EVP_EncryptUpdate()\ncan be seen from the code to be some small value and therefore there is no\npossibility of an overflow. Since all instances are one of these two forms, it\nis believed that there can be no overflows in internal code due to this problem. \nIt should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in\ncertain code paths. Also EVP_CipherUpdate() is a synonym for\nEVP_EncryptUpdate(). All instances of these calls have also been analysed too\nand it is believed there are no instances in internal usage where an overflow\ncould occur. \n\nThis could still represent a security issue for end user code that calls this\nfunction directly. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nASN.1 BIO excessive memory allocation (CVE-2016-2109)\n=====================================================\n\nSeverity: Low\n\nWhen ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()\na short invalid encoding can casuse allocation of large amounts of memory\npotentially consuming excessive resources or exhausting memory. \n\nAny application parsing untrusted data through d2i BIO functions is affected. \nThe memory based functions such as d2i_X509() are *not* affected. Since the\nmemory based functions are used by the TLS library, TLS applications are not\naffected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. \nThe fix was developed by Stephen Henson of the OpenSSL development team. \n\nEBCDIC overread (CVE-2016-2176)\n===============================\n\nSeverity: Low\n\nASN1 Strings that are over 1024 bytes can cause an overread in applications\nusing the X509_NAME_oneline() function on EBCDIC systems. This could result in\narbitrary stack data being returned in the buffer. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2h\nOpenSSL 1.0.1 users should upgrade to 1.0.1t\n\nThis issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160503.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2107"
},
{
"db": "BID",
"id": "89760"
},
{
"db": "VULMON",
"id": "CVE-2016-2107"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "137353"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "169652"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39768",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2107"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2107",
"trust": 2.9
},
{
"db": "BID",
"id": "89760",
"trust": 1.9
},
{
"db": "PACKETSTORM",
"id": "136912",
"trust": 1.6
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.6
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.6
},
{
"db": "EXPLOIT-DB",
"id": "39768",
"trust": 1.6
},
{
"db": "BID",
"id": "91787",
"trust": 1.6
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.6
},
{
"db": "MCAFEE",
"id": "SB10160",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1035721",
"trust": 1.6
},
{
"db": "PULSESECURE",
"id": "SA40202",
"trust": 1.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.2148",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201605-080",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-2107",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136919",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136937",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136893",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137353",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140182",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169652",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2107"
},
{
"db": "BID",
"id": "89760"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "137353"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
},
{
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"id": "VAR-201605-0077",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.43052093714285716
},
"last_update_date": "2024-07-22T22:40:18.127000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OpenSSL AES-NI Remedial measures to achieve security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=61405"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162073 - security advisory"
},
{
"title": "Red Hat: CVE-2016-2107",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2107"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2959-1"
},
{
"title": "Debian Security Advisories: DSA-3566-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=055972eb84483959232c972f757685e0"
},
{
"title": "Amazon Linux AMI: ALAS-2016-695",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-695"
},
{
"title": "Citrix Security Bulletins: Citrix XenServer 7.2 Multiple Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=b7259bee9307e075caf863b54947ad7b"
},
{
"title": "Citrix Security Bulletins: Citrix XenServer Multiple Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=c11f24ab4065121676cfe8313127856c"
},
{
"title": "Tenable Security Advisories: [R5] OpenSSL \u002720160503\u0027 Advisory Affects Tenable Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-10"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162957 - security advisory"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-13"
},
{
"title": "Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-18"
},
{
"title": "docker-cve-2016-2107",
"trust": 0.1,
"url": "https://github.com/tmiklas/docker-cve-2016-2107 "
},
{
"title": "SSLtest\nUsage:",
"trust": 0.1,
"url": "https://github.com/psc4re/ssltest "
},
{
"title": "CVE-2016-2107",
"trust": 0.1,
"url": "https://github.com/filosottile/cve-2016-2107 "
},
{
"title": "WS-TLS-Scanner\nCompiling\nRunning\nResults\nDocker",
"trust": 0.1,
"url": "https://github.com/rub-nds/ws-tls-scanner "
},
{
"title": "TLS - what can go wrong?",
"trust": 0.1,
"url": "https://github.com/hannob/tls-what-can-go-wrong "
},
{
"title": "OpenBSD httpd TLS Let\u0027s Encrypt configuration for perfect A+ SSLLabs score\nLicense\nAuthor",
"trust": 0.1,
"url": "https://github.com/krabelize/openbsd-httpd-tls-config "
},
{
"title": "OpenBSD httpd TLS Let\u0027s Encrypt configuration for perfect A+ SSLLabs score\nLicense\nAuthor",
"trust": 0.1,
"url": "https://github.com/krabelize/openbsd-httpd-tls-perfect-ssllabs-score "
},
{
"title": "Donate if you want\nHow it looks\nUsage\nWhat it can test\nWhat it won\u0027t test for you",
"trust": 0.1,
"url": "https://github.com/compilenix/tls-tester "
},
{
"title": "OpenBSD httpd TLS Let\u0027s Encrypt configuration for perfect A+ SSLLabs score\nLicense\nAuthor",
"trust": 0.1,
"url": "https://github.com/krabelize/openbsd-httpd-tls-config-ssllabs "
},
{
"title": "https://github.com/githuberxu/Project",
"trust": 0.1,
"url": "https://github.com/githuberxu/project "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2107"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"trust": 1.9,
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"trust": 1.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.9,
"url": "http://support.citrix.com/article/ctx212736"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03728en_us"
},
{
"trust": 1.6,
"url": "https://security.netapp.com/advisory/ntap-20160504-0001/"
},
{
"trust": 1.6,
"url": "https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2016/dsa-3566"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05320149"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.6,
"url": "https://bto.bluecoat.com/security-advisory/sa123"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05164862"
},
{
"trust": 1.6,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"trust": 1.6,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1035721"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html"
},
{
"trust": 1.6,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183457.html"
},
{
"trust": 1.6,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.542103"
},
{
"trust": 1.6,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"trust": 1.6,
"url": "http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html"
},
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
},
{
"trust": 1.6,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html"
},
{
"trust": 1.6,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"trust": 1.6,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183607.html"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-2959-1"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05386804"
},
{
"trust": 1.6,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2073.html"
},
{
"trust": 1.6,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-16:17.openssl.asc"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html"
},
{
"trust": 1.6,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/184605.html"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/39768/"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/89760"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03726en_us"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.0,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=68595c0c2886e7942a14f98c17a55a88afb6c292"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=68595c0c2886e7942a14f98c17a55a88afb6c292"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10887855"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2148/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331426"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2016/may/25"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbgn03728en_us"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05164862"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024319"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099429"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376"
},
{
"trust": 0.3,
"url": "https://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987903"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984111"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988007"
},
{
"trust": 0.3,
"url": "http://www.splunk.com/view/sp-caaapqm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009105"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009106"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009281"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21982823"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982949"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983514"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983555"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983909"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984323"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984446"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21984483"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984609"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984794"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985981"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986054"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986123"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986152"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986260"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986460"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986563"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986564"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986669"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21987174"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987175"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987671"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987707"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988055"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988071"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988081"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988189"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988350"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988383"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989958"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989964"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990141"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992493"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992894"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982814"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-9.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-9.patc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-10.patch"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176\u003e"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20160503.txt\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:17.openssl.asc\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-16:17/openssl-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109\u003e"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://helion.hpwsportal.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3710"
},
{
"trust": 0.1,
"url": "http://docs.hpcloud.com/#helion/releasenotes215.html"
},
{
"trust": 0.1,
"url": "http://docs.hpcloud.com/#helion/installation/upgrade2x_to_215.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-8612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5420"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3627"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5419"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
}
],
"sources": [
{
"db": "BID",
"id": "89760"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "137353"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
},
{
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2107"
},
{
"db": "BID",
"id": "89760"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "136919"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "136893"
},
{
"db": "PACKETSTORM",
"id": "137353"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "169652"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
},
{
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2107"
},
{
"date": "2016-05-03T00:00:00",
"db": "BID",
"id": "89760"
},
{
"date": "2017-06-05T18:18:00",
"db": "PACKETSTORM",
"id": "142803"
},
{
"date": "2016-05-05T16:11:49",
"db": "PACKETSTORM",
"id": "136919"
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056"
},
{
"date": "2016-05-09T14:05:44",
"db": "PACKETSTORM",
"id": "136937"
},
{
"date": "2016-05-03T22:55:47",
"db": "PACKETSTORM",
"id": "136893"
},
{
"date": "2016-06-08T13:16:00",
"db": "PACKETSTORM",
"id": "137353"
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958"
},
{
"date": "2016-12-16T16:34:49",
"db": "PACKETSTORM",
"id": "140182"
},
{
"date": "2016-05-03T12:12:12",
"db": "PACKETSTORM",
"id": "169652"
},
{
"date": "2016-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-080"
},
{
"date": "2016-05-05T01:59:03.200000",
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-02-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2107"
},
{
"date": "2018-10-17T07:00:00",
"db": "BID",
"id": "89760"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-080"
},
{
"date": "2024-02-16T19:19:33.320000",
"db": "NVD",
"id": "CVE-2016-2107"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL AES-NI Implement security vulnerabilities",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-080"
}
],
"trust": 0.6
}
}
VAR-201606-0478
Vulnerability from variot - Updated: 2024-07-22 21:45OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. OpenSSL is prone to an integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. OpenSSL 1.0.2h and prior versions are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7 Advisory ID: RHSA-2017:0194-01 Product: Red Hat JBoss Core Services Advisory URL: https://access.redhat.com/errata/RHSA-2017:0194 Issue date: 2017-01-25 CVE Names: CVE-2016-2108 CVE-2016-2177 CVE-2016-2178 CVE-2016-4459 CVE-2016-6808 CVE-2016-8612 =====================================================================
- Summary:
An update is now available for JBoss Core Services on RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat JBoss Core Services on RHEL 7 Server - noarch, ppc64, x86_64
- Description:
This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release. (CVE-2016-2108)
-
It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow. (CVE-2016-2178)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. (CVE-2016-4459)
-
An error was found in protocol parsing logic of mod_cluster load balancer Apache HTTP Server modules. An attacker could use this flaw to cause a Segmentation Fault in the serving httpd process. (CVE-2016-8612)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108. The CVE-2016-4459 issue was discovered by Robert Bost (Red Hat). Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Bock, and David Benjamin (Google) as the original reporters of CVE-2016-2108.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.
- Package List:
Red Hat JBoss Core Services on RHEL 7 Server:
Source: jbcs-httpd24-httpd-2.4.23-102.jbcs.el7.src.rpm jbcs-httpd24-mod_auth_kerb-5.4-35.jbcs.el7.src.rpm jbcs-httpd24-mod_bmx-0.9.6-14.GA.jbcs.el7.src.rpm jbcs-httpd24-mod_cluster-native-1.3.5-13.Final_redhat_1.jbcs.el7.src.rpm jbcs-httpd24-mod_jk-1.2.41-14.redhat_1.jbcs.el7.src.rpm jbcs-httpd24-mod_rt-2.4.1-16.GA.jbcs.el7.src.rpm jbcs-httpd24-mod_security-2.9.1-18.GA.jbcs.el7.src.rpm jbcs-httpd24-nghttp2-1.12.0-9.jbcs.el7.src.rpm jbcs-httpd24-openssl-1.0.2h-12.jbcs.el7.src.rpm
noarch: jbcs-httpd24-httpd-manual-2.4.23-102.jbcs.el7.noarch.rpm
ppc64: jbcs-httpd24-httpd-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-debuginfo-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-devel-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-selinux-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-src-zip-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-tools-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-zip-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_auth_kerb-5.4-35.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_auth_kerb-debuginfo-5.4-35.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_bmx-0.9.6-14.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_bmx-debuginfo-0.9.6-14.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_bmx-src-zip-0.9.6-14.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_cluster-native-1.3.5-13.Final_redhat_1.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_cluster-native-debuginfo-1.3.5-13.Final_redhat_1.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_jk-ap24-1.2.41-14.redhat_1.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_jk-debuginfo-1.2.41-14.redhat_1.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_jk-manual-1.2.41-14.redhat_1.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_ldap-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_proxy_html-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_rt-2.4.1-16.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_rt-debuginfo-2.4.1-16.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_rt-src-zip-2.4.1-16.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_security-2.9.1-18.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_security-debuginfo-2.9.1-18.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_security-src-zip-2.9.1-18.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_session-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_ssl-2.4.23-102.jbcs.el7.ppc64.rpm jbcs-httpd24-nghttp2-1.12.0-9.jbcs.el7.ppc64.rpm jbcs-httpd24-nghttp2-debuginfo-1.12.0-9.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-1.0.2h-12.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-12.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-devel-1.0.2h-12.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-libs-1.0.2h-12.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-perl-1.0.2h-12.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-static-1.0.2h-12.jbcs.el7.ppc64.rpm
x86_64: jbcs-httpd24-httpd-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-debuginfo-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-devel-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-selinux-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-src-zip-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-tools-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-zip-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_auth_kerb-5.4-35.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_auth_kerb-debuginfo-5.4-35.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_bmx-0.9.6-14.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_bmx-debuginfo-0.9.6-14.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_bmx-src-zip-0.9.6-14.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_cluster-native-1.3.5-13.Final_redhat_1.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_cluster-native-debuginfo-1.3.5-13.Final_redhat_1.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_jk-ap24-1.2.41-14.redhat_1.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_jk-debuginfo-1.2.41-14.redhat_1.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_jk-manual-1.2.41-14.redhat_1.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_ldap-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_proxy_html-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_rt-2.4.1-16.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_rt-debuginfo-2.4.1-16.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_rt-src-zip-2.4.1-16.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_security-2.9.1-18.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_security-debuginfo-2.9.1-18.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_security-src-zip-2.9.1-18.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_session-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_ssl-2.4.23-102.jbcs.el7.x86_64.rpm jbcs-httpd24-nghttp2-1.12.0-9.jbcs.el7.x86_64.rpm jbcs-httpd24-nghttp2-debuginfo-1.12.0-9.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-1.0.2h-12.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-12.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-devel-1.0.2h-12.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-libs-1.0.2h-12.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-perl-1.0.2h-12.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-static-1.0.2h-12.jbcs.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-4459 https://access.redhat.com/security/cve/CVE-2016-6808 https://access.redhat.com/security/cve/CVE-2016-8612 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFYiQWBXlSAg2UNWIIRArWdAJwO4BE3aBxonVdBzdTUsNa+5ZKLmwCfSRUf 2AmaztKx6GqFZTJkumoOcS8= =0wxz -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. For further information, see the knowledge base article linked to in the References section. The JBoss server process must be restarted for the update to take effect. Solution:
Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-3087-1 introduced a regression in OpenSSL.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.
We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2179) Shi Lei discovered that OpenSSL incorrectly handled memory in the TS_OBJ_print_bio() function. (CVE-2016-2180) It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay feature. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. This update moves DES from the HIGH cipher list to MEDIUM. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6302) Shi Lei discovered that OpenSSL incorrectly handled memory in the MDC2_Update() function. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03763en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03763en_us Version: 1
HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-08-01 Last Updated: 2017-08-01
Potential Security Impact: Remote: Denial of Service (DoS)
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified in Comware 7, IMC, VCX products using OpenSSL.
- Comware v7 (CW7) Products See resolution section for impacted versions
- HP Intelligent Management Center (iMC) See resolution section for impacted versions
- VCX Products 9.8.19
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2177
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has provided the following software updates to resolve the vulnerability in Comware 7, IMC PLAT, and VCX.
Note: The following products are impacted by this issue
COMWARE 7 Products
-
12500 (Comware 7) - Version: R7377P02
- HPE Branded Products Impacted
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
-
10500 (Comware 7) - Version: R7184
- HPE Branded Products Impacted
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
-
5900/5920 (Comware 7) - Version: R2432
- HPE Branded Products Impacted
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
-
MSR1000 (Comware 7) - Version: R0306P80
- HPE Branded Products Impacted
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
-
MSR2000 (Comware 7) - Version: R0306P80
- HPE Branded Products Impacted
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
-
MSR3000 (Comware 7) - Version: R0306P80
- HPE Branded Products Impacted
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
-
MSR4000 (Comware 7) - Version: R0306P80
- HPE Branded Products Impacted
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
-
VSR (Comware 7) - Version: E0324
- HPE Branded Products Impacted
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
-
7900 (Comware 7) - Version: R2152
- HPE Branded Products Impacted
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
-
5130EI (Comware 7) - Version: R3115P05
- HPE Branded Products Impacted
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
-
6125XLG - Version: R2432
- HPE Branded Products Impacted
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
-
6127XLG - Version: R2432
- HPE Branded Products Impacted
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
-
Moonshot - Version: R2432
- HPE Branded Products Impacted
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
-
5700 (Comware 7) - Version: R2432
- HPE Branded Products Impacted
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
-
5930 (Comware 7) - Version: R2432
- HPE Branded Products Impacted
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
-
1950 (Comware 7) - Version: R3115P06
- HPE Branded Products Impacted
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
-
7500 (Comware 7) - Version: R7184
- HPE Branded Products Impacted
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
-
5510HI (Comware 7) - Version: R1121P01
- HPE Branded Products Impacted
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
-
5130HI (Comware 7) - Version: R1121P02
- HPE Branded Products Impacted
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
-
5940 (Comware 7) - Version: R2509P02
- HPE Branded Products Impacted
- JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch
- JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch
- JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch
- JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch
- JH396A HPE FlexFabric 5940 32QSFP+ Switch
- JH397A HPE FlexFabric 5940 2-slot Switch
- JH398A HPE FlexFabric 5940 4-slot Switch
-
5950 (Comware 7) - Version: R6123
- HPE Branded Products Impacted
- JH321A HPE FlexFabric 5950 32QSFP28 Switch
- JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch
- JH404A HPE FlexFabric 5950 4-slot Switch
-
12900E (Comware 7) - Version: R2609
- HPE Branded Products Impacted
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
-
iNode PC 7.2 (E0410) - Version: 7.2 E0410
- HPE Branded Products Impacted
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
-
iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409
- HPE Branded Products Impacted
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
-
VCX - Version: 9.8.19
- HPE Branded Products Impacted
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 1 August 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. (CVE-2016-6808)
- A memory leak flaw was fixed in expat. Solution:
The References section of this erratum contains a download link (you must log in to download the update). JIRA issues fixed (https://issues.jboss.org/):
JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service
- (CVE-2016-2177)
It was discovered that OpenSSL did not properly handle Montgomery multiplication, resulting in incorrect results leading to transient failures. OpenSSL Security Advisory [22 Sep 2016] ========================================
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Severity: High
A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_peek() hang on empty record (CVE-2016-6305)
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner: "p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS message).
The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.
For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0478",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solaris",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "11.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.8,
"vendor": "oracle",
"version": "7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "3.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "icewall mcrp",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "certd"
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "dfw"
},
{
"model": "icewall sso agent option",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "(linux edition )"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v8.2 to v9.4"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v8.5"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus http server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base version 6"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- security enhancement"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center enterprise live data server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "nexus intercloud for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.14"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3.1"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1.2"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "api connect",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.0"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.11"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.1.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.10"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.9"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.5"
},
{
"model": "bigfix platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1.3"
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.8"
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "small business spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "configuration professional",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.3.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "bigfix platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "bigfix remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "project openssl 1.0.2h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.1"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.1.0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.33"
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.8"
},
{
"model": "bigfix remote control",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "storediq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "integrated management module for bladecenter yuoo",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-37"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "broadband access center telco and wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.3"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.0.2"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.3.2"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "prime optical",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.0.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "series stackable",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.11"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.7"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "agent desktop",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.8"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"model": "telepresence system tx9000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.4.7895"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "mobility services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openssh for gpfs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.3.0"
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.6"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "spa51x ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.2.0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.6"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "solaris sru11.6",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.3"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.2"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4.1102"
},
{
"model": "access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.3.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.4"
},
{
"model": "one portal",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.5"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.9"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.32"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1.1"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tealeaf customer experience on cloud network capture add-on",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.1.01"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module for system yuoo",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.10"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "bigfix platform",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-32"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.3.0.1098"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.5"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.4"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.4"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.2.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.2"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.3"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.1"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.31"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.13"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1100"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.3"
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.15"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "communications network charging and control",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.4.1.5.0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.3.0"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "91319"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "140717"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "140182"
}
],
"trust": 0.4
},
"cve": "CVE-2016-2177",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2177",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-2177",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2177",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2016-2177",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2177"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. Supplementary information : CWE Vulnerability type by CWE-190: Integer Overflow or Wraparound ( Integer overflow or wraparound ) Has been identified. OpenSSL is prone to an integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nAn attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. \nOpenSSL 1.0.2h and prior versions are vulnerable. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7\nAdvisory ID: RHSA-2017:0194-01\nProduct: Red Hat JBoss Core Services\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:0194\nIssue date: 2017-01-25\nCVE Names: CVE-2016-2108 CVE-2016-2177 CVE-2016-2178 \n CVE-2016-4459 CVE-2016-6808 CVE-2016-8612 \n=====================================================================\n\n1. Summary:\n\nAn update is now available for JBoss Core Services on RHEL 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat JBoss Core Services on RHEL 7 Server - noarch, ppc64, x86_64\n\n3. Description:\n\nThis release adds the new Apache HTTP Server 2.4.23 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack\nApache Server 2.4.6 and includes bug fixes and enhancements. Refer to the\nRelease Notes for information on the most significant bug fixes and\nenhancements included in this release. \n(CVE-2016-2108)\n\n* It was found that the length checks prior to writing to the target buffer\nfor creating a virtual host mapping rule did not take account of the length\nof the virtual host name, creating the potential for a buffer overflow. \n(CVE-2016-2178)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. (CVE-2016-4459)\n\n* An error was found in protocol parsing logic of mod_cluster load balancer\nApache HTTP Server modules. An attacker could use this flaw to cause a\nSegmentation Fault in the serving httpd process. (CVE-2016-8612)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108. The CVE-2016-4459 issue was discovered by Robert Bost (Red\nHat). Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Bock, and\nDavid Benjamin (Google) as the original reporters of CVE-2016-2108. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. After installing the updated\npackages, the httpd daemon will be restarted automatically. \n\n5. Package List:\n\nRed Hat JBoss Core Services on RHEL 7 Server:\n\nSource:\njbcs-httpd24-httpd-2.4.23-102.jbcs.el7.src.rpm\njbcs-httpd24-mod_auth_kerb-5.4-35.jbcs.el7.src.rpm\njbcs-httpd24-mod_bmx-0.9.6-14.GA.jbcs.el7.src.rpm\njbcs-httpd24-mod_cluster-native-1.3.5-13.Final_redhat_1.jbcs.el7.src.rpm\njbcs-httpd24-mod_jk-1.2.41-14.redhat_1.jbcs.el7.src.rpm\njbcs-httpd24-mod_rt-2.4.1-16.GA.jbcs.el7.src.rpm\njbcs-httpd24-mod_security-2.9.1-18.GA.jbcs.el7.src.rpm\njbcs-httpd24-nghttp2-1.12.0-9.jbcs.el7.src.rpm\njbcs-httpd24-openssl-1.0.2h-12.jbcs.el7.src.rpm\n\nnoarch:\njbcs-httpd24-httpd-manual-2.4.23-102.jbcs.el7.noarch.rpm\n\nppc64:\njbcs-httpd24-httpd-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-debuginfo-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-devel-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-selinux-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-src-zip-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-tools-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-zip-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_auth_kerb-5.4-35.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_auth_kerb-debuginfo-5.4-35.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_bmx-0.9.6-14.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_bmx-debuginfo-0.9.6-14.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_bmx-src-zip-0.9.6-14.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_cluster-native-1.3.5-13.Final_redhat_1.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_cluster-native-debuginfo-1.3.5-13.Final_redhat_1.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_jk-ap24-1.2.41-14.redhat_1.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_jk-debuginfo-1.2.41-14.redhat_1.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_jk-manual-1.2.41-14.redhat_1.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_ldap-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_proxy_html-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_rt-2.4.1-16.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_rt-debuginfo-2.4.1-16.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_rt-src-zip-2.4.1-16.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_security-2.9.1-18.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_security-debuginfo-2.9.1-18.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_security-src-zip-2.9.1-18.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_session-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_ssl-2.4.23-102.jbcs.el7.ppc64.rpm\njbcs-httpd24-nghttp2-1.12.0-9.jbcs.el7.ppc64.rpm\njbcs-httpd24-nghttp2-debuginfo-1.12.0-9.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-1.0.2h-12.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-debuginfo-1.0.2h-12.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-devel-1.0.2h-12.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-libs-1.0.2h-12.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-perl-1.0.2h-12.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-static-1.0.2h-12.jbcs.el7.ppc64.rpm\n\nx86_64:\njbcs-httpd24-httpd-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-debuginfo-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-devel-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-selinux-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-src-zip-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-tools-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-zip-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_auth_kerb-5.4-35.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_auth_kerb-debuginfo-5.4-35.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_bmx-0.9.6-14.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_bmx-debuginfo-0.9.6-14.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_bmx-src-zip-0.9.6-14.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_cluster-native-1.3.5-13.Final_redhat_1.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_cluster-native-debuginfo-1.3.5-13.Final_redhat_1.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_jk-ap24-1.2.41-14.redhat_1.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_jk-debuginfo-1.2.41-14.redhat_1.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_jk-manual-1.2.41-14.redhat_1.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_ldap-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_proxy_html-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_rt-2.4.1-16.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_rt-debuginfo-2.4.1-16.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_rt-src-zip-2.4.1-16.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_security-2.9.1-18.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_security-debuginfo-2.9.1-18.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_security-src-zip-2.9.1-18.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_session-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_ssl-2.4.23-102.jbcs.el7.x86_64.rpm\njbcs-httpd24-nghttp2-1.12.0-9.jbcs.el7.x86_64.rpm\njbcs-httpd24-nghttp2-debuginfo-1.12.0-9.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-1.0.2h-12.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-debuginfo-1.0.2h-12.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-devel-1.0.2h-12.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-libs-1.0.2h-12.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-perl-1.0.2h-12.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-static-1.0.2h-12.jbcs.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2108\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-4459\nhttps://access.redhat.com/security/cve/CVE-2016-6808\nhttps://access.redhat.com/security/cve/CVE-2016-8612\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFYiQWBXlSAg2UNWIIRArWdAJwO4BE3aBxonVdBzdTUsNa+5ZKLmwCfSRUf\n2AmaztKx6GqFZTJkumoOcS8=\n=0wxz\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server. For\nfurther information, see the knowledge base article linked to in the\nReferences section. The JBoss server process must be restarted for the update\nto take effect. Solution:\n\nBefore applying this update, back up your existing Red Hat JBoss Enterprise\nApplication Platform installation and deployed applications. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nUSN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2179)\n Shi Lei discovered that OpenSSL incorrectly handled memory in the\n TS_OBJ_print_bio() function. (CVE-2016-2180)\n It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay\n feature. (CVE-2016-2181)\n Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. This update moves DES from the HIGH cipher list to MEDIUM. \n (CVE-2016-2183)\n Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. \n (CVE-2016-6302)\n Shi Lei discovered that OpenSSL incorrectly handled memory in the\n MDC2_Update() function. (CVE-2016-6303)\n Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03763en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03763en_us\nVersion: 1\n\nHPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote\nDenial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-08-01\nLast Updated: 2017-08-01\n\nPotential Security Impact: Remote: Denial of Service (DoS)\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified in Comware 7, IMC, VCX\nproducts using OpenSSL. \n\n - Comware v7 (CW7) Products See resolution section for impacted versions\n - HP Intelligent Management Center (iMC) See resolution section for\nimpacted versions\n - VCX Products 9.8.19\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2177\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has provided the following software updates to resolve the vulnerability\nin Comware 7, IMC PLAT, and VCX. \n\n**Note:** The following products are impacted by this issue\n\n**COMWARE 7 Products**\n\n + **12500 (Comware 7) - Version: R7377P02**\n * HPE Branded Products Impacted\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n \n \n + **10500 (Comware 7) - Version: R7184**\n * HPE Branded Products Impacted\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n \n \n + **5900/5920 (Comware 7) - Version: R2432**\n * HPE Branded Products Impacted\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n \n \n + **MSR1000 (Comware 7) - Version: R0306P80**\n * HPE Branded Products Impacted\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n \n \n + **MSR2000 (Comware 7) - Version: R0306P80**\n * HPE Branded Products Impacted\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n \n \n + **MSR3000 (Comware 7) - Version: R0306P80**\n * HPE Branded Products Impacted\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n \n \n + **MSR4000 (Comware 7) - Version: R0306P80**\n * HPE Branded Products Impacted\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n \n \n + **VSR (Comware 7) - Version: E0324**\n * HPE Branded Products Impacted\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n \n \n + **7900 (Comware 7) - Version: R2152**\n * HPE Branded Products Impacted\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n \n \n + **5130EI (Comware 7) - Version: R3115P05**\n * HPE Branded Products Impacted\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n \n \n + **6125XLG - Version: R2432**\n * HPE Branded Products Impacted\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n \n \n + **6127XLG - Version: R2432**\n * HPE Branded Products Impacted\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n \n \n + **Moonshot - Version: R2432**\n * HPE Branded Products Impacted\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n \n \n + **5700 (Comware 7) - Version: R2432**\n * HPE Branded Products Impacted\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n \n \n + **5930 (Comware 7) - Version: R2432**\n * HPE Branded Products Impacted\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n \n \n + **1950 (Comware 7) - Version: R3115P06**\n * HPE Branded Products Impacted\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n \n \n + **7500 (Comware 7) - Version: R7184**\n * HPE Branded Products Impacted\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n \n \n + **5510HI (Comware 7) - Version: R1121P01**\n * HPE Branded Products Impacted\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n \n \n + **5130HI (Comware 7) - Version: R1121P02**\n * HPE Branded Products Impacted\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n \n \n + **5940 (Comware 7) - Version: R2509P02**\n * HPE Branded Products Impacted\n - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch\n - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch\n - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch\n - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch\n - JH396A HPE FlexFabric 5940 32QSFP+ Switch\n - JH397A HPE FlexFabric 5940 2-slot Switch\n - JH398A HPE FlexFabric 5940 4-slot Switch\n \n \n + **5950 (Comware 7) - Version: R6123**\n * HPE Branded Products Impacted\n - JH321A HPE FlexFabric 5950 32QSFP28 Switch\n - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch\n - JH404A HPE FlexFabric 5950 4-slot Switch\n \n \n + **12900E (Comware 7) - Version: R2609**\n * HPE Branded Products Impacted\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n \n \n + **iNode PC 7.2 (E0410) - Version: 7.2 E0410**\n * HPE Branded Products Impacted\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n \n \n + **iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409**\n * HPE Branded Products Impacted\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n \n \n + **VCX - Version: 9.8.19**\n * HPE Branded Products Impacted\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n \n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 1 August 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. (CVE-2016-6808)\n\n* A memory leak flaw was fixed in expat. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0]\nJBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service\n\n6. (CVE-2016-2177)\n\nIt was discovered that OpenSSL did not properly handle Montgomery\nmultiplication, resulting in incorrect results leading to transient\nfailures. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2177"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"db": "BID",
"id": "91319"
},
{
"db": "VULMON",
"id": "CVE-2016-2177"
},
{
"db": "PACKETSTORM",
"id": "140717"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "143628"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "140850"
},
{
"db": "PACKETSTORM",
"id": "169633"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2177",
"trust": 3.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-144-01",
"trust": 1.9
},
{
"db": "MCAFEE",
"id": "SB10165",
"trust": 1.4
},
{
"db": "BID",
"id": "91319",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1036088",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/06/08/9",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10215",
"trust": 1.1
},
{
"db": "SCHNEIDER",
"id": "SEVD-2018-144-01",
"trust": 1.1
},
{
"db": "SCHNEIDER",
"id": "SEVD-2018-137-01",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.1
},
{
"db": "PULSESECURE",
"id": "SA40312",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003304",
"trust": 0.8
},
{
"db": "VULMON",
"id": "CVE-2016-2177",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140717",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143176",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138826",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143628",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140182",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140850",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169633",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2177"
},
{
"db": "BID",
"id": "91319"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"db": "PACKETSTORM",
"id": "140717"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "143628"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "140850"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"id": "VAR-201606-0478",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4102494200000001
},
"last_update_date": "2024-07-22T21:45:06.283000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "hitachi-sec-2017-103",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-103/index.html"
},
{
"title": "HPSBGN03658",
"trust": 0.8,
"url": "https://h20565.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05302448"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "SB10165",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10165"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "Avoid some undefined pointer arithmetic",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Linux Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"title": "Bug 1341705",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341705"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "HS16-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs16-023/index.html"
},
{
"title": "hitachi-sec-2017-103",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2017-103/index.html"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171659 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171658 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20170194 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20170193 - security advisory"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20161940 - security advisory"
},
{
"title": "Red Hat: CVE-2016-2177",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2177"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-2177"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3181-1"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-2"
},
{
"title": "Amazon Linux AMI: ALAS-2016-755",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-755"
},
{
"title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-23"
},
{
"title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-24"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162957 - security advisory"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05\nSummary",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "hackerone-publicy-disclosed",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "OpenSSL-CVE-lib",
"trust": 0.1,
"url": "https://github.com/chnzzh/openssl-cve-lib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2177"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10165"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:1658"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:0194"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2017-1659.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-144-01"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-3181-1"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-3087-2"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-3087-1"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341705"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91319"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036088"
},
{
"trust": 1.1,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"trust": 1.1,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.1,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03763en_us"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:0193"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.1,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2018-144-01/"
},
{
"trust": 1.1,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2018-137-01/"
},
{
"trust": 1.1,
"url": "https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9134-vulnerabilities-within-schneider-electric-floating-license-manager"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
},
{
"trust": 1.1,
"url": "https://support.f5.com/csp/article/k23873366"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3673"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/archive/1/540957/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2016/06/08/9"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2017/jul/31"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/540957/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=a004e72b95835136d3f1ea90517f706c24c03da7"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2177"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-18-144-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2177"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.3,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7"
},
{
"trust": 0.3,
"url": "https://github.com/openssl/openssl/commit/a004e72b95835136d3f1ea90517f706c24c03da7"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995935"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991896"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099492"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994870"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993601"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994534"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994861"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995038"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22001805"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8610"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-6808"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-8612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-8610"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2017:1659"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3181-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6808"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1626883"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03763en_us"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3196"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=distributions\u0026version=2.4.23"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8176"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1840"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-3627"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2012-1148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1837"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1839"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-5419"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-3216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1834"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-7141"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.22"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3731"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.39"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7056"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://sweet32.info)"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2177"
},
{
"db": "BID",
"id": "91319"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"db": "PACKETSTORM",
"id": "140717"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "143628"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "140850"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2177"
},
{
"db": "BID",
"id": "91319"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"db": "PACKETSTORM",
"id": "140717"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "143628"
},
{
"db": "PACKETSTORM",
"id": "140182"
},
{
"db": "PACKETSTORM",
"id": "140850"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2177"
},
{
"date": "2016-05-05T00:00:00",
"db": "BID",
"id": "91319"
},
{
"date": "2016-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"date": "2017-01-25T21:53:32",
"db": "PACKETSTORM",
"id": "140717"
},
{
"date": "2017-06-28T22:12:00",
"db": "PACKETSTORM",
"id": "143176"
},
{
"date": "2017-06-28T22:37:00",
"db": "PACKETSTORM",
"id": "143181"
},
{
"date": "2016-09-23T19:19:00",
"db": "PACKETSTORM",
"id": "138826"
},
{
"date": "2017-08-03T04:28:16",
"db": "PACKETSTORM",
"id": "143628"
},
{
"date": "2016-12-16T16:34:49",
"db": "PACKETSTORM",
"id": "140182"
},
{
"date": "2017-02-01T00:36:45",
"db": "PACKETSTORM",
"id": "140850"
},
{
"date": "2016-09-22T12:12:12",
"db": "PACKETSTORM",
"id": "169633"
},
{
"date": "2016-06-20T01:59:02.087000",
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2177"
},
{
"date": "2018-02-05T14:00:00",
"db": "BID",
"id": "91319"
},
{
"date": "2019-07-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003304"
},
{
"date": "2023-11-07T02:31:01.273000",
"db": "NVD",
"id": "CVE-2016-2177"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "91319"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003304"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "91319"
}
],
"trust": 0.3
}
}
VAR-201609-0592
Vulnerability from variot - Updated: 2024-07-04 21:32The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. Supplementary information : CWE Vulnerability type by CWE-125: Out-of-bounds Read ( Read out of bounds ) Has been identified. http://cwe.mitre.org/data/definitions/125.htmlService disruption through the manipulation of crafted certificates by third parties ( Read out of bounds ) There is a possibility of being put into a state. OpenSSL is prone to a local denial-of-service vulnerability. A local attacker can exploit this issue to cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-2178)
-
It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)
-
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. (CVE-2016-2182)
-
A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.
-
An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. (CVE-2016-6302)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
After installing the updated packages, the httpd daemon will be restarted automatically. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
CVE-2016-2178
Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
leak in the DSA code.
CVE-2016-2179 / CVE-2016-2181
Quan Luo and the OCAP audit team discovered denial of service
vulnerabilities in DTLS.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.
For the unstable distribution (sid), these problems will be fixed soon.
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ========================================================================== Ubuntu Security Notice USN-3087-1 September 22, 2016
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)
Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181)
Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182)
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183)
Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)
Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.4
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.20
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.37
After a standard system update you need to reboot your computer to make all the necessary changes. Description:
This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes, enhancements and component upgrades included in this release. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):
JBCS-373 - Errata for httpd 2.4.29 GA RHEL 7
-
OpenSSL Security Advisory [22 Sep 2016]
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Severity: High
A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_peek() hang on empty record (CVE-2016-6305)
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner: "p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS message).
The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.
For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0592",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.0.0"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "3.0"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.7.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "6.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "icewall federation agent",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "3.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.16"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.2.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "4.1.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.47"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "node.js",
"scope": "lte",
"trust": 1.0,
"vendor": "nodejs",
"version": "5.12.0"
},
{
"model": "suse linux enterprise module for web scripting",
"scope": "eq",
"trust": 1.0,
"vendor": "novell",
"version": "12.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "node.js",
"scope": "gte",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.12.0"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "certd"
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.4"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "agent option"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"model": "application server for developers",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2i"
},
{
"model": "linux enterprise module for web scripting",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard-r"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0 to v8.1"
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base(64)"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "icewall federation agent",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cosminexus http server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux edition )"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "icewall mcrp",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "icewall sso",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "dfw"
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "node.js",
"scope": null,
"trust": 0.8,
"vendor": "node js",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "application server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.3"
},
{
"model": "big-ip afm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "big-ip apm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.2"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "big-ip analytics build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip aam build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip ltm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7.0"
},
{
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.1"
},
{
"model": "big-ip analytics hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "big-ip afm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.14"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip link controller build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip apm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3.1"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip pem hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "big-ip afm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip aam hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.11"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "big-ip apm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip aam hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip apm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip aam hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip aam hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "big-ip afm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.9"
},
{
"model": "big-ip psm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip afm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.20"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip asm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip gtm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "big-ip pem hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip gtm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.2"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "big-ip webaccelerator hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip afm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip afm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip pem hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "big-ip ltm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip link controller hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.8"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.0.0"
},
{
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip link controller hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip afm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip gtm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "big-iq device hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"model": "big-ip apm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.7"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.2"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.1.0"
},
{
"model": "big-ip dns build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "big-ip afm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip pem hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip edge gateway 10.2.3-hf1",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.10"
},
{
"model": "big-ip ltm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1.0"
},
{
"model": "big-ip aam hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "big-ip afm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip pem hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip aam build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip websafe hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip afm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.3"
},
{
"model": "big-ip link controller hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "project openssl 1.0.2i",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.14"
},
{
"model": "big-ip gtm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "bigfix remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.2"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.12"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip analytics hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip apm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "big-ip link controller hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "big-ip aam hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "project openssl 1.0.2h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.1"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip aam hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.19"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.0.0"
},
{
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip analytics hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "big-ip analytics hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "big-ip gtm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.0.0"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.1.0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.5.0"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip gtm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.33"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "big-ip afm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip aam hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip apm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openssh for gpfs for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "big-ip ltm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip apm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.8"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.15"
},
{
"model": "bigfix remote control",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip gtm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "big-ip asm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip aam hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.4.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "big-ip asm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "project openssl 1.0.1t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-iq cloud hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "big-ip asm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.3"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "big-ip gtm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "big-ip ltm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip apm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "big-ip aam build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip afm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.3.0"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "big-ip edge gateway hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "big-ip apm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip gtm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-iq cloud hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.0.1"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "big-ip asm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip asm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip asm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.7.0.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "big-ip gtm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip pem hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip apm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip apm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "big-ip ltm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip analytics hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.1"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.6.0"
},
{
"model": "big-ip ltm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip ltm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.11"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "big-ip asm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip afm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip afm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "sonas",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.5"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "big-ip analytics build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"model": "big-ip afm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.7"
},
{
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "big-ip aam build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.9"
},
{
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "big-ip ltm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.8"
},
{
"model": "big-ip aam hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip analytics hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "big-ip analytics hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "big-ip ltm hf6",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip link controller hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip analytics build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "big-ip pem hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "big-ip link controller hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip afm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip analytics hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "big-ip apm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.6.0.0"
},
{
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip analytics hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.3.0"
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.6"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.6"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.11"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip apm hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2.0"
},
{
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.18"
},
{
"model": "big-ip dns hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-ip analytics hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip asm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "big-ip aam hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "big-ip asm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "big-ip gtm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "big-ip websafe hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.6"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.9"
},
{
"model": "big-ip ltm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip afm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.3"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "big-ip link controller build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.13"
},
{
"model": "big-ip gtm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip aam hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1.1"
},
{
"model": "big-ip link controller hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.2"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "big-iq adc",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip aam hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "sdk for node.js",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.15"
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip analytics hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.21"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "big-ip websafe hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip link controller hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "big-ip asm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip afm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip apm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.4"
},
{
"model": "big-ip psm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip asm hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.1"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.5"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.9"
},
{
"model": "big-ip dns hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.6.0.0"
},
{
"model": "big-ip analytics build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"model": "big-ip aam hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.32"
},
{
"model": "big-ip link controller hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-iq cloud and orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "big-ip analytics hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4.2.0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "big-ip gtm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip ltm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "big-ip aam build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip gtm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.10"
},
{
"model": "big-ip ltm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.1.3"
},
{
"model": "big-ip apm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "big-ip ltm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip asm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "rational application developer for websphere software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "big-ip websafe hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "big-ip aam hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "big-ip asm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.5"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "big-ip apm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.2.4"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "big-ip pem hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.4"
},
{
"model": "big-ip analytics hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.4"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.1"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "big-ip asm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "big-ip analytics hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip psm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.2"
},
{
"model": "big-ip pem hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "project openssl 1.0.1u",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.3"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip websafe hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip apm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.5.2.2"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip ltm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.1"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "big-ip wom hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "big-ip link controller build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "big-ip asm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "big-ip psm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip asm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip afm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.31"
},
{
"model": "iworkflow",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "big-ip dns hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip apm hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.110.104.180"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.13"
},
{
"model": "big-ip gtm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip asm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip analytics build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"model": "big-ip apm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.40.1.256"
},
{
"model": "big-ip afm hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.12"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "big-ip aam hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.14"
},
{
"model": "big-ip analytics hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "big-ip websafe hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.3"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip ltm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip afm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.3"
},
{
"model": "big-ip pem hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "big-ip afm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "big-ip aam hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "big-ip aam hf9",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip analytics hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.2"
},
{
"model": "big-ip asm hf8",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip pem hf11",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip ltm hf3",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sonas",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.1.0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "big-ip ltm hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-iq security hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip ltm hf7",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "big-ip link controller hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"model": "big-ip apm build 685-hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip analytics hf10",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.15"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.2"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "big-ip websafe",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "big-ip websafe hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "big-ip pem hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.1"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "big-ip pem hf4",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.0"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"model": "big-iq device hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-ip gtm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.66.204.442"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip afm hf1",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.3"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2.0.13"
},
{
"model": "big-ip ltm hf5",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.6.0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
},
{
"model": "big-ip apm build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "12.01.14.628"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "93153"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.12.16",
"versionStartIncluding": "0.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.10.47",
"versionStartIncluding": "0.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.7.0",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.6.0",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.12.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "148524"
}
],
"trust": 0.4
},
"cve": "CVE-2016-6306",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6306",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6306",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6306",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-6306",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. Supplementary information : CWE Vulnerability type by CWE-125: Out-of-bounds Read ( Read out of bounds ) Has been identified. http://cwe.mitre.org/data/definitions/125.htmlService disruption through the manipulation of crafted certificates by third parties ( Read out of bounds ) There is a possibility of being put into a state. OpenSSL is prone to a local denial-of-service vulnerability. \nA local attacker can exploit this issue to cause a denial-of-service condition. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:1940-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date: 2016-09-27\nCVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). \n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. Additional information can be found at\n https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ \n\nCVE-2016-2178\n\n Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n leak in the DSA code. \n\nCVE-2016-2179 / CVE-2016-2181\n\n Quan Luo and the OCAP audit team discovered denial of service\n vulnerabilities in DTLS. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1t-1+deb8u4. \n\nFor the unstable distribution (sid), these problems will be fixed soon. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. ==========================================================================\nUbuntu Security Notice USN-3087-1\nSeptember 22, 2016\n\nopenssl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. This\nissue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n\nQuan Luo discovered that OpenSSL did not properly restrict the lifetime\nof queue entries in the DTLS implementation. (CVE-2016-2181)\n\nShi Lei discovered that OpenSSL incorrectly validated division results. \n(CVE-2016-2182)\n\nKarthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\nciphers were vulnerable to birthday attacks. \n(CVE-2016-2183)\n\nShi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n\nShi Lei discovered that OpenSSL incorrectly performed certain message\nlength checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.4\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.20\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.37\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. Description:\n\nThis release adds the new Apache HTTP Server 2.4.29 packages that are part\nof the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer\nto the Release Notes for information on the most significant bug fixes,\nenhancements and component upgrades included in this release. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-373 - Errata for httpd 2.4.29 GA RHEL 7\n\n7. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6306"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "BID",
"id": "93153"
},
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "169633"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6306",
"trust": 3.0
},
{
"db": "BID",
"id": "93153",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10215",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036885",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.1
},
{
"db": "PULSESECURE",
"id": "SA40312",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6306",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148521",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148525",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138820",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148524",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169633",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "BID",
"id": "93153"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"id": "VAR-201609-0592",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.39275403863636366
},
"last_update_date": "2024-07-04T21:32:12.934000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "hitachi-sec-2017-102",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-102/index.html"
},
{
"title": "HPSBGN03658",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05302448"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Security updates for all active release lines, September 2016",
"trust": 0.8,
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"title": "Fix small OOB reads.",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9"
},
{
"title": "Certificate message OOB reads (CVE-2016-6306)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"title": "SUSE-SU-2016:2470",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Linux Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "TLSA-2016-28",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-28j.html"
},
{
"title": "hitachi-sec-2017-102",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2017-102/index.html"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182187 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182185 - security advisory"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20161940 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182186 - security advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-6306"
},
{
"title": "Red Hat: CVE-2016-6306",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-6306"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-2"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-1"
},
{
"title": "Amazon Linux AMI: ALAS-2016-755",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-755"
},
{
"title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-23"
},
{
"title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-24"
},
{
"title": "IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSH",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=b7f5b1e7edcafce07f28205855d4db49"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-6306 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/93153"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2187"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2186"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2185"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-3087-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html"
},
{
"trust": 1.1,
"url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05302448"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"trust": 1.1,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036885"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"trust": 1.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10215"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3673"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html"
},
{
"trust": 1.1,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24"
},
{
"trust": 1.1,
"url": "https://support.f5.com/csp/article/k90492697"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-3087-2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2017/jul/31"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-c05302448"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6306"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6306"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-6306"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2182"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-6302"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991896"
},
{
"trust": 0.3,
"url": "https://support.f5.com/kb/en-us/solutions/public/k/90/sol90492697.html?sr=59127107"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009586"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1009648"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992427"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992681"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993601"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3731"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7055"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3738"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3731"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3737"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3738"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3732"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.29/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2016-7055"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3737"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-3736"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3736"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3087-2/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2180"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2181"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2179"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://sweet32.info)"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "BID",
"id": "93153"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"db": "BID",
"id": "93153"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148521"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"date": "2016-09-23T00:00:00",
"db": "BID",
"id": "93153"
},
{
"date": "2016-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"date": "2016-09-27T19:32:00",
"db": "PACKETSTORM",
"id": "138870"
},
{
"date": "2018-07-12T21:45:18",
"db": "PACKETSTORM",
"id": "148521"
},
{
"date": "2018-07-12T21:48:57",
"db": "PACKETSTORM",
"id": "148525"
},
{
"date": "2016-09-22T22:22:00",
"db": "PACKETSTORM",
"id": "138817"
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056"
},
{
"date": "2016-09-22T22:25:00",
"db": "PACKETSTORM",
"id": "138820"
},
{
"date": "2018-07-12T21:48:49",
"db": "PACKETSTORM",
"id": "148524"
},
{
"date": "2016-09-22T12:12:12",
"db": "PACKETSTORM",
"id": "169633"
},
{
"date": "2016-09-26T19:59:02.910000",
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6306"
},
{
"date": "2017-12-19T22:37:00",
"db": "BID",
"id": "93153"
},
{
"date": "2017-07-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004992"
},
{
"date": "2023-11-07T02:33:57.240000",
"db": "NVD",
"id": "CVE-2016-6306"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "148525"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "148524"
}
],
"trust": 0.4
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Denial of service in a certificate parser (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004992"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "93153"
}
],
"trust": 0.3
}
}
VAR-201406-0142
Vulnerability from variot - Updated: 2024-06-14 21:51The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. OpenSSL is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. OpenSSL prior to 0.9.8za,1.0.0m and 1.0.1h are vulnerable. These vulnerabilities include:
-
The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information.
-
HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5
- HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2010-5298
4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)
CVE-2014-0076
4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2014-0195
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0198
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0221
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-0224
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-3470
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVE-2014-3566
3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE recommends applying the following software updates to resolve the vulnerabilities in the impacted versions of HPE StoreVirtual products running HPE LeftHand OS.
LeftHand OS v11.5 - Patches 45019-00 and 45020 LeftHand OS v12.0 - Patches 50016-00 and 50017-00 LeftHand OS v12.5 - Patch 55016-00 LeftHand OS v12.6 - Patch 56002-00
Notes:
These patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision to OpenSSL v1.0.1e 48. These patches migrate Certificate Authority Hashing Algorithm from a weak hashing algorithm SHA1 to the stronger hashing algorithm SHA256. ============================================================================ Ubuntu Security Notice USN-2232-1 June 05, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenSSL. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-3470)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.2
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.4
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.14
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.18
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2014:0679-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0679.html Issue date: 2014-06-10 CVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)
Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: https://access.redhat.com/site/articles/904433
A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)
A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. (CVE-2014-0221)
A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470.
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free 1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write() 1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability 1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake 1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment 1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
ppc64: openssl-1.0.1e-34.el7_0.3.ppc64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm openssl-devel-1.0.1e-34.el7_0.3.ppc.rpm openssl-devel-1.0.1e-34.el7_0.3.ppc64.rpm openssl-libs-1.0.1e-34.el7_0.3.ppc.rpm openssl-libs-1.0.1e-34.el7_0.3.ppc64.rpm
s390x: openssl-1.0.1e-34.el7_0.3.s390x.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm openssl-devel-1.0.1e-34.el7_0.3.s390.rpm openssl-devel-1.0.1e-34.el7_0.3.s390x.rpm openssl-libs-1.0.1e-34.el7_0.3.s390.rpm openssl-libs-1.0.1e-34.el7_0.3.s390x.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm openssl-perl-1.0.1e-34.el7_0.3.ppc64.rpm openssl-static-1.0.1e-34.el7_0.3.ppc.rpm openssl-static-1.0.1e-34.el7_0.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm openssl-perl-1.0.1e-34.el7_0.3.s390x.rpm openssl-static-1.0.1e-34.el7_0.3.s390.rpm openssl-static-1.0.1e-34.el7_0.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-34.el7_0.3.src.rpm
x86_64: openssl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-devel-1.0.1e-34.el7_0.3.i686.rpm openssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm openssl-libs-1.0.1e-34.el7_0.3.i686.rpm openssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm openssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm openssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm openssl-static-1.0.1e-34.el7_0.3.i686.rpm openssl-static-1.0.1e-34.el7_0.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2010-5298.html https://www.redhat.com/security/data/cve/CVE-2014-0195.html https://www.redhat.com/security/data/cve/CVE-2014-0198.html https://www.redhat.com/security/data/cve/CVE-2014-0221.html https://www.redhat.com/security/data/cve/CVE-2014-0224.html https://www.redhat.com/security/data/cve/CVE-2014-3470.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/site/articles/904433 https://access.redhat.com/site/solutions/905793
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTl161XlSAg2UNWIIRAiJlAKCiztPWPTBaVbDSJK/cEtvknFYpTACgur3t GHJznx5GNeKZ00848jTZ9hw= =48eV -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. Description:
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.
This release serves as a replacement for Red Hat JBoss Web Server 2.0.1, and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.0 Release Notes, linked to in the References section, for information on the most significant of these changes.
The following security issues are also fixed with this release:
A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely. (CVE-2014-0231)
It was found that several application-provided XML files, such as web.xml, content.xml, .tld, .tagx, and *.jspx, resolved external entities, permitting XML External Entity (XXE) attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictions set by the JSM, and gain access to sensitive information on the system. Note that this flaw only affected deployments in which Tomcat is running applications from untrusted sources, such as in a shared hosting environment. (CVE-2013-4590)
It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML parser(s) could then bypass the limits imposed on XML external entities and/or gain access to the XML files processed for other web applications deployed on the same Tomcat instance. Solution:
The References section of this erratum contains a download link (you must log in to download the update). 5 client) - i386, x86_64
It was discovered that the OBJ_obj2txt() function could fail to properly NUL-terminate its output. This could possibly cause an application using OpenSSL functions to format fields of X.509 certificates to disclose portions of its memory.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8za-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8za-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8za-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8za-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8za-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8za-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1h-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1h-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1h-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1h-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1h-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1h-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 634b8ecc8abc6d3f249b73d0fefa5959 openssl-0.9.8za-i486-1_slack13.0.txz a2529f1243d42a3608f61b96236b5f60 openssl-solibs-0.9.8za-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 2ddac651c5f2531f3a7f70d9f5823bd6 openssl-0.9.8za-x86_64-1_slack13.0.txz d7ffeb15713a587f642fbb3d5c310c75 openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 0b84a6a1edf76cba83d4c52c54196baa openssl-0.9.8za-i486-1_slack13.1.txz dfd5d241b0e1703ae9d70d6ccda06179 openssl-solibs-0.9.8za-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: bd749622577a5f76a59d90b95aa922fd openssl-0.9.8za-x86_64-1_slack13.1.txz 35cf911dd9f0cc13f7f0056d9e1f4520 openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 8f674defac9002c81265d284b1072f75 openssl-0.9.8za-i486-1_slack13.37.txz 48ce79e7714cb0c823d2b6ea4a88ba51 openssl-solibs-0.9.8za-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: efa09162c22782c15806bca99472c5be openssl-0.9.8za-x86_64-1_slack13.37.txz 8e3b8d1e3d3a740bd274fbe38dc10f96 openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz
Slackware 14.0 packages: 8e2698d19f54c7e0cac8f998df23b782 openssl-1.0.1h-i486-1_slack14.0.txz cf6233bc169cf6dd192bb7210f779fc1 openssl-solibs-1.0.1h-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 2b4f0610d5e46fa7bb27a0b39f0d6d33 openssl-1.0.1h-x86_64-1_slack14.0.txz 18fdd83dcf86204275508a689a017dea openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 49aea7da42eef41da894f29762971863 openssl-1.0.1h-i486-1_slack14.1.txz 6f19f4fdc3f018b4e821c519d7bb1e5c openssl-solibs-1.0.1h-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: ccf5ff2b107c665a4f3bf98176937749 openssl-1.0.1h-x86_64-1_slack14.1.txz ea1aaba38c98b096186ca94ca541a793 openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz
Slackware -current packages: db1ed7ded71ab503f567940fff39eb16 a/openssl-solibs-1.0.1h-i486-1.txz 0db4f91f9b568b2b2629950e5ab88b22 n/openssl-1.0.1h-i486-1.txz
Slackware x86_64 -current packages: d01aef33335bee27f36574241f54091f a/openssl-solibs-1.0.1h-x86_64-1.txz 95a743d21c58f39573845d6ec5270656 n/openssl-1.0.1h-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1h-i486-1_slack14.1.txz openssl-solibs-1.0.1h-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address.
HP Systems Insight Manager v7.3 Hotfix kit HP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager v7.2 Hotfix kit is currently unavailable, but will be released at a later date.
http://h18013.www1.hp.com/products/servers/management/hpsim/download.html
NOTE: No reboot of the system is required after applying the HP SIM Hotfix kit. HP System Management Homepage versions 7.3.2 and earlier for Linux and Windows. HP System Management Homepage v7.2.4.1 is available for Windows 2003 only.
HP System Management Homepage v7.2.4.1 for Windows x86: http://www.hp.com/swpublishing/MTX-d775367b0a28449ca05660778b ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98702
HP System Management Homepage v7.2.4.1 for Windows x64: http://www.hp.com/swpublishing/MTX-3a7aa5e233904ebe847a5e1555 ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98704
HP System Management Homepage v7.3.3.1 for Windows x86: http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98696
HP System Management Homepage v7.3.3.1 for Windows x64: http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba ftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98698
HP System Management Homepage v7.3.3.1 for Linux x86: http://www.hp.com/swpublishing/MTX-511c3e0b2f6f4f6bbc796fc619 ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1980463820/v98694
HP System Management Homepage v7.3.3.1 for Linux x64: http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 ftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1507410135/v98693
NOTE: HP System Management Homepage v7.3.3.1 for Linux x86 still contains OpenSSL v1.0.0d. As long as all other products which SMH V7.3.3.1 for Linux x86 communicates with have been upgraded to the latest versions, it will not be vulnerable to the exploits described in CVE-2014-0224.
Release Date: 2014-07-09 Last Updated: 2014-07-09
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Software Operation Orchestration. The vulnerabilities could be exploited to allow remote code execution, denial of service (DoS) and disclosure of information. OpenSSL is a 3rd party product that is embedded with some HP Software products. This bulletin notifies HP Software customers about products affected by the OpenSSL vulnerabilities
References:
CVE-2014-0195 Remote Unauthorized Access CVE-2014-0221 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101635
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Software Operation Orchestration, v9.X
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0221 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following guideline for HP Operations Orchestration to resolve these vulnerabilities.
Guidelines and Patches can be downloaded from HP Software Support Online: http://support.openview.hp.com/selfsolve/document/LID/OO_00030
Bulletin Applicability: This security bulletin applies to each OpenSSL component that is embedded within the HP products listed in the security bulletin. The bulletin does not apply to any other 3rd party application (e.g. operating system, web server, or application server) that may be required to be installed by the customer according instructions in the product install guide.
HISTORY Version:1 (rev.1) - 9 July 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2015:062 http://www.mandriva.com/en/support/security/
Package : openssl Date : March 27, 2015 Affected: Business Server 2.0
Problem Description:
Multiple vulnerabilities has been discovered and corrected in openssl:
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment (CVE-2010-5298).
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076).
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160).
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566). NOTE: this issue became relevant after the CVE-2014-3568 fix (CVE-2014-3569).
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570).
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, related to crypto/asn1/a_verify.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c (CVE-2014-8275).
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the FREAK issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations (CVE-2015-0204).
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without knowledge of a private key via crafted TLS Handshake Protocol traffic to a server that recognizes a Certification Authority with DH support (CVE-2015-0205).
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289).
The updated packages have been upgraded to the 1.0.1m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293 http://openssl.org/news/secadv_20150108.txt http://openssl.org/news/secadv_20150319.txt
Updated Packages:
Mandriva Business Server 2/X86_64: 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS kz0ex6eI6hA6qSwklA2NoXY= =GYjX -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0142",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "*"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip edge clients for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "x7101"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "big-ip edge clients for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.3"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "aura communication manager utility services sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.16.1.0.9.8"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.1"
},
{
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.2"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip edge clients for android",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7080"
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0.5"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.1.0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2"
},
{
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "infosphere balanced warehouse d5100",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge clients for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7080"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "9.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "88704.76.0"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0.6"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "big-ip edge clients for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "x7080"
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "85704.76.0"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.3"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "lotus foundations start",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "big-ip edge clients for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge clients for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "project metasploit framework",
"scope": "ne",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.3"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.2"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "8.4-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2.6"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7101"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "big-ip edge clients for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7101"
},
{
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "big-ip edge clients for apple ios",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0.1"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
}
],
"sources": [
{
"db": "BID",
"id": "67901"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
},
{
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0m",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1h",
"versionStartIncluding": "1.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.8za",
"versionStartIncluding": "0.9.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127421"
},
{
"db": "PACKETSTORM",
"id": "127159"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "128001"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0221",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0221",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0221",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-079",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0221",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0221"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
},
{
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. OpenSSL is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. \nOpenSSL prior to 0.9.8za,1.0.0m and 1.0.1h are vulnerable. These vulnerabilities include: \n\n* The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"POODLE\", which could be exploited remotely\nresulting in disclosure of information. \n\n - HP StoreVirtual VSA Software 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4130 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 1TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB China SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4330 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 China Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid SAN Solution 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4335 Hybrid Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 2TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 3TB MDL SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 450GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 4TB MDL SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4530 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4630 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 600GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 900GB SAS Storage/S-Buy 12.6, 12.5, 12.0, 11.5\n - HP StoreVirtual 4730 FC 900GB SAS Storage 12.6, 12.5, 12.0, 11.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2010-5298\n 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\n 4.0 (AV:N/AC:H/Au:N/C:N/I:P/A:P)\n\n CVE-2014-0076\n 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2014-0195\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-0198\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0221\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-0224\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2014-3470\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n CVE-2014-3566\n 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE recommends applying the following software updates to resolve the\nvulnerabilities in the impacted versions of HPE StoreVirtual products running\nHPE LeftHand OS. \n\nLeftHand OS v11.5 - Patches 45019-00 and 45020 \nLeftHand OS v12.0 - Patches 50016-00 and 50017-00 \nLeftHand OS v12.5 - Patch 55016-00 \nLeftHand OS v12.6 - Patch 56002-00 \n\n**Notes:**\n\nThese patches enable TLSv1.2 protocol and upgrades the OpenSSL RPM revision\nto OpenSSL v1.0.1e 48. \nThese patches migrate Certificate Authority Hashing Algorithm from a weak\nhashing algorithm SHA1 to the stronger hashing algorithm SHA256. ============================================================================\nUbuntu Security Notice USN-2232-1\nJune 05, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and\nUbuntu 14.04 LTS. This issue only\naffected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. \n(CVE-2014-3470)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.2\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.4\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.14\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.18\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2014:0679-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0679.html\nIssue date: 2014-06-10\nCVE Names: CVE-2010-5298 CVE-2014-0195 CVE-2014-0198 \n CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 7. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. \n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nA buffer overflow flaw was found in the way OpenSSL handled invalid DTLS\npacket fragments. A remote attacker could possibly use this flaw to execute\narbitrary code on a DTLS client or server. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or\nserver using OpenSSL could crash or unexpectedly drop connections when\nprocessing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)\n\nA denial of service flaw was found in the way OpenSSL handled certain DTLS\nServerHello requests. (CVE-2014-0221)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed\nanonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. \n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1087195 - CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free\n1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()\n1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability\n1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake\n1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment\n1103600 - CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nppc64:\nopenssl-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.ppc64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.ppc.rpm\nopenssl-static-1.0.1e-34.el7_0.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.s390x.rpm\nopenssl-static-1.0.1e-34.el7_0.3.s390.rpm\nopenssl-static-1.0.1e-34.el7_0.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-34.el7_0.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-devel-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-libs-1.0.1e-34.el7_0.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-debuginfo-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-perl-1.0.1e-34.el7_0.3.x86_64.rpm\nopenssl-static-1.0.1e-34.el7_0.3.i686.rpm\nopenssl-static-1.0.1e-34.el7_0.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2010-5298.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0195.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0198.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0221.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0224.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3470.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/site/articles/904433\nhttps://access.redhat.com/site/solutions/905793\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTl161XlSAg2UNWIIRAiJlAKCiztPWPTBaVbDSJK/cEtvknFYpTACgur3t\nGHJznx5GNeKZ00848jTZ9hw=\n=48eV\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library. \n\nThis release serves as a replacement for Red Hat JBoss Web Server 2.0.1,\nand includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.1.0\nRelease Notes, linked to in the References section, for information on the\nmost significant of these changes. \n\nThe following security issues are also fixed with this release:\n\nA race condition flaw, leading to heap-based buffer overflows, was found in\nthe mod_status httpd module. A remote attacker able to access a status page\nserved by mod_status on a server using a threaded Multi-Processing Module\n(MPM) could send a specially crafted request that would cause the httpd\nchild process to crash or, possibly, allow the attacker to execute\narbitrary code with the privileges of the \"apache\" user. \nA remote attacker could submit a specially crafted request that would cause\nthe httpd child process to hang indefinitely. (CVE-2014-0231)\n\nIt was found that several application-provided XML files, such as web.xml,\ncontent.xml, *.tld, *.tagx, and *.jspx, resolved external entities,\npermitting XML External Entity (XXE) attacks. An attacker able to deploy\nmalicious applications to Tomcat could use this flaw to circumvent security\nrestrictions set by the JSM, and gain access to sensitive information on\nthe system. Note that this flaw only affected deployments in which Tomcat\nis running applications from untrusted sources, such as in a shared hosting\nenvironment. (CVE-2013-4590)\n\nIt was found that, in certain circumstances, it was possible for a\nmalicious web application to replace the XML parsers used by Tomcat to\nprocess XSLTs for the default servlet, JSP documents, tag library\ndescriptors (TLDs), and tag plug-in configuration files. The injected XML\nparser(s) could then bypass the limits imposed on XML external entities\nand/or gain access to the XML files processed for other web applications\ndeployed on the same Tomcat instance. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 5 client) - i386, x86_64\n\n3. \n\nIt was discovered that the OBJ_obj2txt() function could fail to properly\nNUL-terminate its output. This could possibly cause an application using\nOpenSSL functions to format fields of X.509 certificates to disclose\nportions of its memory. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8za-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8za-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8za-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8za-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8za-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8za-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1h-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1h-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1h-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1h-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1h-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1h-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n634b8ecc8abc6d3f249b73d0fefa5959 openssl-0.9.8za-i486-1_slack13.0.txz\na2529f1243d42a3608f61b96236b5f60 openssl-solibs-0.9.8za-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n2ddac651c5f2531f3a7f70d9f5823bd6 openssl-0.9.8za-x86_64-1_slack13.0.txz\nd7ffeb15713a587f642fbb3d5c310c75 openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n0b84a6a1edf76cba83d4c52c54196baa openssl-0.9.8za-i486-1_slack13.1.txz\ndfd5d241b0e1703ae9d70d6ccda06179 openssl-solibs-0.9.8za-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\nbd749622577a5f76a59d90b95aa922fd openssl-0.9.8za-x86_64-1_slack13.1.txz\n35cf911dd9f0cc13f7f0056d9e1f4520 openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n8f674defac9002c81265d284b1072f75 openssl-0.9.8za-i486-1_slack13.37.txz\n48ce79e7714cb0c823d2b6ea4a88ba51 openssl-solibs-0.9.8za-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\nefa09162c22782c15806bca99472c5be openssl-0.9.8za-x86_64-1_slack13.37.txz\n8e3b8d1e3d3a740bd274fbe38dc10f96 openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n8e2698d19f54c7e0cac8f998df23b782 openssl-1.0.1h-i486-1_slack14.0.txz\ncf6233bc169cf6dd192bb7210f779fc1 openssl-solibs-1.0.1h-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n2b4f0610d5e46fa7bb27a0b39f0d6d33 openssl-1.0.1h-x86_64-1_slack14.0.txz\n18fdd83dcf86204275508a689a017dea openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n49aea7da42eef41da894f29762971863 openssl-1.0.1h-i486-1_slack14.1.txz\n6f19f4fdc3f018b4e821c519d7bb1e5c openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nccf5ff2b107c665a4f3bf98176937749 openssl-1.0.1h-x86_64-1_slack14.1.txz\nea1aaba38c98b096186ca94ca541a793 openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\ndb1ed7ded71ab503f567940fff39eb16 a/openssl-solibs-1.0.1h-i486-1.txz\n0db4f91f9b568b2b2629950e5ab88b22 n/openssl-1.0.1h-i486-1.txz\n\nSlackware x86_64 -current packages:\nd01aef33335bee27f36574241f54091f a/openssl-solibs-1.0.1h-x86_64-1.txz\n95a743d21c58f39573845d6ec5270656 n/openssl-1.0.1h-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1h-i486-1_slack14.1.txz openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \n\nHP Systems Insight Manager v7.3 Hotfix kit\nHP Systems Insight Manager v7.2 Hotfix kit (The HP Systems Insight Manager\nv7.2 Hotfix kit is currently unavailable, but will be released at a later\ndate. \n\nhttp://h18013.www1.hp.com/products/servers/management/hpsim/download.html\n\nNOTE: No reboot of the system is required after applying the HP SIM Hotfix\nkit. \nHP System Management Homepage versions 7.3.2 and earlier for Linux and\nWindows. HP System Management Homepage v7.2.4.1 is available for\nWindows 2003 only. \n\nHP System Management Homepage v7.2.4.1 for Windows x86:\nhttp://www.hp.com/swpublishing/MTX-d775367b0a28449ca05660778b\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98702\n\nHP System Management Homepage v7.2.4.1 for Windows x64:\nhttp://www.hp.com/swpublishing/MTX-3a7aa5e233904ebe847a5e1555\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98704\n\nHP System Management Homepage v7.3.3.1 for Windows x86:\nhttp://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p11160892/v98696\n\nHP System Management Homepage v7.3.3.1 for Windows x64:\nhttp://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\nftp://ftp.hp.com/pub/softlib2/software1/sc-windows/p221526337/v98698\n\nHP System Management Homepage v7.3.3.1 for Linux x86:\nhttp://www.hp.com/swpublishing/MTX-511c3e0b2f6f4f6bbc796fc619\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1980463820/v98694\n\nHP System Management Homepage v7.3.3.1 for Linux x64:\nhttp://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-linux/p1507410135/v98693\n\nNOTE: HP System Management Homepage v7.3.3.1 for Linux x86 still contains\nOpenSSL v1.0.0d. As long as all other products which SMH V7.3.3.1 for Linux\nx86 communicates with have been upgraded to the latest versions, it will not\nbe vulnerable to the exploits described in CVE-2014-0224. \n\nRelease Date: 2014-07-09\nLast Updated: 2014-07-09\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Software\nOperation Orchestration. The vulnerabilities could be exploited to allow\nremote code execution, denial of service (DoS) and disclosure of information. \nOpenSSL is a 3rd party product that is embedded with some HP Software\nproducts. This bulletin notifies HP Software customers about products\naffected by the OpenSSL vulnerabilities\n\nReferences:\n\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0221 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101635\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Software Operation Orchestration, v9.X\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following guideline for HP Operations Orchestration to\nresolve these vulnerabilities. \n\nGuidelines and Patches can be downloaded from HP Software Support Online:\nhttp://support.openview.hp.com/selfsolve/document/LID/OO_00030\n\nBulletin Applicability: This security bulletin applies to each OpenSSL\ncomponent that is embedded within the HP products listed in the security\nbulletin. The bulletin does not apply to any other 3rd party application\n(e.g. operating system, web server, or application server) that may be\nrequired to be installed by the customer according instructions in the\nproduct install guide. \n\nHISTORY\nVersion:1 (rev.1) - 9 July 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2015:062\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : openssl\n Date : March 27, 2015\n Affected: Business Server 2.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been discovered and corrected in openssl:\n \n Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL\n through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows\n remote attackers to inject data across sessions or cause a denial of\n service (use-after-free and parsing error) via an SSL connection in\n a multithreaded environment (CVE-2010-5298). \n \n The Montgomery ladder implementation in OpenSSL through 1.0.0l does\n not ensure that certain swap operations have a constant-time behavior,\n which makes it easier for local users to obtain ECDSA nonces via a\n FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). \n \n The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before\n 1.0.1g do not properly handle Heartbeat Extension packets, which allows\n remote attackers to obtain sensitive information from process memory\n via crafted packets that trigger a buffer over-read, as demonstrated\n by reading private keys, related to d1_both.c and t1_lib.c, aka the\n Heartbleed bug (CVE-2014-0160). \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue (CVE-2014-3566). NOTE: this issue\n became relevant after the CVE-2014-3568 fix (CVE-2014-3569). \n \n The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before\n 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square\n of a BIGNUM value, which might make it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors,\n related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and\n crypto/bn/bn_asm.c (CVE-2014-3570). \n \n OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k\n does not enforce certain constraints on certificate data, which allows\n remote attackers to defeat a fingerprint-based certificate-blacklist\n protection mechanism by including crafted data within a\n certificate\u0026#039;s unsigned portion, related to crypto/asn1/a_verify.c,\n crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, and crypto/x509/x_all.c\n (CVE-2014-8275). \n \n The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before\n 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL\n servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate\n brute-force decryption by offering a weak ephemeral RSA key in a\n noncompliant role, related to the FREAK issue. NOTE: the scope of\n this CVE is only client code based on OpenSSL, not EXPORT_RSA issues\n associated with servers or other TLS implementations (CVE-2015-0204). \n \n The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before\n 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a\n Diffie-Hellman (DH) certificate without requiring a CertificateVerify\n message, which allows remote attackers to obtain access without\n knowledge of a private key via crafted TLS Handshake Protocol traffic\n to a server that recognizes a Certification Authority with DH support\n (CVE-2015-0205). \n \n The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before\n 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not\n properly handle a lack of outer ContentInfo, which allows attackers to\n cause a denial of service (NULL pointer dereference and application\n crash) by leveraging an application that processes arbitrary PKCS#7\n data and providing malformed data with ASN.1 encoding, related to\n crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289). \n \n The updated packages have been upgraded to the 1.0.1m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293\n http://openssl.org/news/secadv_20150108.txt\n http://openssl.org/news/secadv_20150319.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 324a85f7e1165ab02881e44dbddaf599 mbs2/x86_64/lib64openssl1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n 9c0bfb6ebd43cb6d81872abf71b4f85f mbs2/x86_64/lib64openssl-devel-1.0.1m-1.mbs2.x86_64.rpm\n 58df54e72ca7270210c7d8dd23df402b mbs2/x86_64/lib64openssl-engines1.0.0-1.0.1m-1.mbs2.x86_64.rpm\n b5313ffb5baaa65aea05eb05486d309a mbs2/x86_64/lib64openssl-static-devel-1.0.1m-1.mbs2.x86_64.rpm\n a9890ce4c33630cb9e00f3b2910dd784 mbs2/x86_64/openssl-1.0.1m-1.mbs2.x86_64.rpm \n 521297a5fe26e2de0c1222d8d03382d1 mbs2/SRPMS/openssl-1.0.1m-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVFTm1mqjQ0CJFipgRAoYFAKCaubn00colzVNnUBFjSElyDptGMQCfaGoS\nkz0ex6eI6hA6qSwklA2NoXY=\n=GYjX\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0221"
},
{
"db": "BID",
"id": "67901"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "127958"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "127862"
},
{
"db": "VULMON",
"id": "CVE-2014-0221"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127159"
},
{
"db": "PACKETSTORM",
"id": "127421"
},
{
"db": "PACKETSTORM",
"id": "131044"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0221",
"trust": 3.4
},
{
"db": "BID",
"id": "67901",
"trust": 2.0
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59221",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59167",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59429",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60687",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59120",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59460",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59284",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59495",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59027",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59895",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59528",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1030337",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.7
},
{
"db": "LENOVO",
"id": "LEN-24443",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201406-079",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0221",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127421",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127159",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127362",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127266",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127608",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126976",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "131044",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127862",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127016",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128001",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127042",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126925",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0221"
},
{
"db": "BID",
"id": "67901"
},
{
"db": "PACKETSTORM",
"id": "127421"
},
{
"db": "PACKETSTORM",
"id": "127159"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127862"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "127958"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
},
{
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"id": "VAR-201406-0142",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4065201389473685
},
"last_update_date": "2024-06-14T21:51:12.928000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "openssl-1.0.1h",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51081"
},
{
"title": "openssl-1.0.0m",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51080"
},
{
"title": "openssl-0.9.8za",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51079"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/10/fireeye_patches_os_torpedo_exploitdb_disclosure/"
},
{
"title": "Red Hat: CVE-2014-0221",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0221"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-3"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2014-0221 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/potterxma/linux-deployment-standard "
},
{
"title": "wormhole",
"trust": 0.1,
"url": "https://github.com/jumanjihouse/wormhole "
},
{
"title": "oval",
"trust": 0.1,
"url": "https://github.com/jumanjihouse/oval "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0221"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 2.3,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 2.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/67901"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676226"
},
{
"trust": 2.0,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 2.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 2.0,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 2.0,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103593"
},
{
"trust": 1.7,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59120"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59528"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.7,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"trust": 1.7,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6060\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59495"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.7,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"trust": 1.7,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6061\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59895"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2014-1021.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59221"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2014-1053.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60687"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140499827729550\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.7,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1030337"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:105"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59460"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59429"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59284"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59167"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59027"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=d3152655d5319ce883c8e3ac4b99f8de4c59d846"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.6,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.6,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.6,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=d3152655d5319ce883c8e3ac4b99f8de4c59d846"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/solutions/len-24443"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0221_resource_management"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://www.cerberusftp.com/products/releasenotes.html"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678073"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://community.rapid7.com/community/metasploit/blog/2014/06/05/security-advisory-openssl-vulnerabilities-cve-2014-0224-cve-2014-0221-in-metasploit"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15343.html"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368523"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678413"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678660"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/33a01-5228bdf5d027e/cert_security_mini-_bulletin_xrx15ao_for_cq8570-cq8870_v1-0.pdf"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100182784"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676226"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.2,
"url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.2,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34547"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0221"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2232-4/"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/oo_00030"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ssl/ssl.html"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-2c54f23c6dbc4d598e86fdef95"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-4480df0f6d544779b0143f5c3b"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0287"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0209"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0287"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8275"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0209"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0289"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150319.txt"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3570"
},
{
"trust": 0.1,
"url": "http://openssl.org/news/secadv_20150108.txt"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0204"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0288"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0293"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3570"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8275"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-0206"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3505.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3506.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/secadv_20140806.txt"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3508.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3505"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3510.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3510"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-1053.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3506"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0226"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0226.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=webserver\u0026version=2.1.0"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0119"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_web_server/2.1/html/2.1.0_release_notes/index.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4590.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4590"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0119.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-1086.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0118.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0231"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0231.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/905793"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0679.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.2"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.18"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.14"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0221"
},
{
"db": "BID",
"id": "67901"
},
{
"db": "PACKETSTORM",
"id": "127421"
},
{
"db": "PACKETSTORM",
"id": "127159"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127862"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "127958"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
},
{
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0221"
},
{
"db": "BID",
"id": "67901"
},
{
"db": "PACKETSTORM",
"id": "127421"
},
{
"db": "PACKETSTORM",
"id": "127159"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127608"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "131044"
},
{
"db": "PACKETSTORM",
"id": "140720"
},
{
"db": "PACKETSTORM",
"id": "127862"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "127958"
},
{
"db": "PACKETSTORM",
"id": "128001"
},
{
"db": "PACKETSTORM",
"id": "127042"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
},
{
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0221"
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67901"
},
{
"date": "2014-07-11T21:04:18",
"db": "PACKETSTORM",
"id": "127421"
},
{
"date": "2014-06-19T23:12:50",
"db": "PACKETSTORM",
"id": "127159"
},
{
"date": "2014-07-06T18:53:39",
"db": "PACKETSTORM",
"id": "127362"
},
{
"date": "2014-06-27T18:43:56",
"db": "PACKETSTORM",
"id": "127266"
},
{
"date": "2014-07-24T23:48:05",
"db": "PACKETSTORM",
"id": "127608"
},
{
"date": "2014-06-06T23:46:36",
"db": "PACKETSTORM",
"id": "126976"
},
{
"date": "2015-03-27T20:42:44",
"db": "PACKETSTORM",
"id": "131044"
},
{
"date": "2017-01-25T21:54:44",
"db": "PACKETSTORM",
"id": "140720"
},
{
"date": "2014-08-14T02:25:06",
"db": "PACKETSTORM",
"id": "127862"
},
{
"date": "2014-06-10T17:33:47",
"db": "PACKETSTORM",
"id": "127016"
},
{
"date": "2014-08-21T19:34:55",
"db": "PACKETSTORM",
"id": "127958"
},
{
"date": "2014-08-26T11:11:00",
"db": "PACKETSTORM",
"id": "128001"
},
{
"date": "2014-06-11T00:10:53",
"db": "PACKETSTORM",
"id": "127042"
},
{
"date": "2014-06-05T15:14:53",
"db": "PACKETSTORM",
"id": "126925"
},
{
"date": "2014-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-079"
},
{
"date": "2014-06-05T21:55:06.207000",
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0221"
},
{
"date": "2017-05-23T16:25:00",
"db": "BID",
"id": "67901"
},
{
"date": "2022-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-079"
},
{
"date": "2023-11-07T02:18:12.593000",
"db": "NVD",
"id": "CVE-2014-0221"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127421"
},
{
"db": "PACKETSTORM",
"id": "127862"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Resource Management Error Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-079"
}
],
"trust": 0.6
}
}
VAR-201406-0117
Vulnerability from variot - Updated: 2024-06-13 23:00The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. OpenSSL is prone to a denial-of-service vulnerability. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. OpenSSL prior to 0.9.8za, 1.0.0m, and 1.0.1h are vulnerable. As long as all other products which SMH V7.3.3.1 for Linux x86 communicates with have been upgraded to the latest versions, it will not be vulnerable to the exploits described in CVE-2014-0224. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities
EMC Identifier: ESA-2014-079
CVE Identifier: See below for individual CVEs
Severity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE
Affected products:
\x95 All EMC Documentum Content Server versions of 7.1 prior to P07
\x95 All EMC Documentum Content Server versions of 7.0
\x95 All EMC Documentum Content Server versions of 6.7 SP2 prior to P16
\x95 All EMC Documentum Content Server versions of 6.7 SP1
\x95 All EMC Documentum Content Server versions prior to 6.7 SP1
Summary:
EMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL.
Details: EMC Documentum Content Server may be susceptible to the following vulnerabilities:
\x95 Arbitrary Code Execution (CVE-2014-4618): Authenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. CVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)
\x95 DQL Injection (CVE-2014-2520): Certain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. This issue only affects Content Server running on Oracle database. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Information Disclosure (CVE-2014-2521): Authenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. CVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)
\x95 Multiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores): SSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224) DTLS recursion flaw (CVE-2014-0221) DTLS invalid fragment vulnerability (CVE-2014-0195) SSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198) SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298) Anonymous ECDH denial of service (CVE-2014-3470) FLUSH + RELOAD cache side-channel attack (CVE-2014-0076) For more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt
Resolution: The following versions contain the resolution for these issues: \x95 EMC Documentum Content Server version 7.1 P07 and later \x95 EMC Documentum Content Server version 7.0: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \x95 EMC Documentum Content Server version 6.7 SP2 P16 and later \x95 EMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows & Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests.
EMC recommends all customers to upgrade to one of the above versions at the earliest opportunity.
Link to remedies: Registered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server
For Hotfix, contact EMC Support.
Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] openssl (SSA:2014-156-03)
New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded. For more information, see: http://www.openssl.org/news/secadv_20140605.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 ( Security fix ) patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8za-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8za-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8za-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8za-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8za-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8za-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1h-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1h-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1h-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1h-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1h-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1h-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 634b8ecc8abc6d3f249b73d0fefa5959 openssl-0.9.8za-i486-1_slack13.0.txz a2529f1243d42a3608f61b96236b5f60 openssl-solibs-0.9.8za-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 2ddac651c5f2531f3a7f70d9f5823bd6 openssl-0.9.8za-x86_64-1_slack13.0.txz d7ffeb15713a587f642fbb3d5c310c75 openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 0b84a6a1edf76cba83d4c52c54196baa openssl-0.9.8za-i486-1_slack13.1.txz dfd5d241b0e1703ae9d70d6ccda06179 openssl-solibs-0.9.8za-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: bd749622577a5f76a59d90b95aa922fd openssl-0.9.8za-x86_64-1_slack13.1.txz 35cf911dd9f0cc13f7f0056d9e1f4520 openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 8f674defac9002c81265d284b1072f75 openssl-0.9.8za-i486-1_slack13.37.txz 48ce79e7714cb0c823d2b6ea4a88ba51 openssl-solibs-0.9.8za-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: efa09162c22782c15806bca99472c5be openssl-0.9.8za-x86_64-1_slack13.37.txz 8e3b8d1e3d3a740bd274fbe38dc10f96 openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz
Slackware 14.0 packages: 8e2698d19f54c7e0cac8f998df23b782 openssl-1.0.1h-i486-1_slack14.0.txz cf6233bc169cf6dd192bb7210f779fc1 openssl-solibs-1.0.1h-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 2b4f0610d5e46fa7bb27a0b39f0d6d33 openssl-1.0.1h-x86_64-1_slack14.0.txz 18fdd83dcf86204275508a689a017dea openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 49aea7da42eef41da894f29762971863 openssl-1.0.1h-i486-1_slack14.1.txz 6f19f4fdc3f018b4e821c519d7bb1e5c openssl-solibs-1.0.1h-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: ccf5ff2b107c665a4f3bf98176937749 openssl-1.0.1h-x86_64-1_slack14.1.txz ea1aaba38c98b096186ca94ca541a793 openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz
Slackware -current packages: db1ed7ded71ab503f567940fff39eb16 a/openssl-solibs-1.0.1h-i486-1.txz 0db4f91f9b568b2b2629950e5ab88b22 n/openssl-1.0.1h-i486-1.txz
Slackware x86_64 -current packages: d01aef33335bee27f36574241f54091f a/openssl-solibs-1.0.1h-x86_64-1.txz 95a743d21c58f39573845d6ec5270656 n/openssl-1.0.1h-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1h-i486-1_slack14.1.txz openssl-solibs-1.0.1h-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04355095
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04355095 Version: 1
HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-08-08 Last Updated: 2014-08-08
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) running on Linux and Windows. These components of HP Insight Control server deployment could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. This bulletin provides the information needed to update the HP Insight Control server deployment solution.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101628
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.1 of HP Insight Control server deployment to resolve this vulnerability. HP has provided manual update steps if a version upgrade is not possible; if users wish to remain at v7.1.2, v7.2.0, or v7.2.1.
Note: It is important to check your current running version of HP Insight Control server deployment and to follow the correct steps listed below. For HP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and follow the steps below to remove the vulnerability. The vulnerability known as Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server deployment v7.3.1. That Security Bulletin with instructions on how to upgrade to v7.3.1 can be found here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n a-c04267749
HP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should take the following steps to remove this vulnerability.
Delete the files smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, rows 1 and 2. Delete the files "vcax86-.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba smhamd64-ccp023716.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 smhx86-cp023715.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13 vcax86-cp023742.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2 vcaamd64-cp023743.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Download and extract the HPSUM 5.3.6 component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793
Copy all content from extracted ZIP folder and paste into \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 on targets running Windows.
HP Insight Control server deployment users with v7.2.2:
Please upgrade to Insight Control server deployment v7.3.1 and follow the steps below for v7.3.1.
HP Insight Control server deployment users with v7.3.1:
Perform steps 1 - 4 as outlined above for users with HP Insight Control server deployment v7.1.2, v7.2.0, and v7.2.1. Download the HP SUM ZIP file from http://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f
Extract the contents from the HP SUM ZIP file to \eXpress\hpfeatures\fw-proLiant\components location on the Insight Control server deployment server
Related security bulletins:
For System Management Homepage please see Security bulletin HPSBMU03051 https ://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04 345210
For HP Version Control Agent please see Security bulletin HPSBMU03057 https:/ /h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434 9897
HISTORY Version:1 (rev.1) - 8 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlPk9ewACgkQ4B86/C0qfVn1/gCfR2U/mZZXYwPms9ptZcBTua/5 MoQAn1qlQ3kmLRs7YFN5GzwBTRfSK5Go =r0qe -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2232-2 June 12, 2014
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.04 LTS
Summary:
USN-2232-1 introduced a regression in OpenSSL.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use tls_session_secret_cb, such as wpa_supplicant. This update fixes the problem.
Original advisory details:
J=C3=BCri Aedla discovered that OpenSSL incorrectly handled invalid DTLS fragments. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0195) Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. (CVE-2014-0221) KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain handshakes. A remote attacker could use this flaw to perform a man-in-the-middle attack and possibly decrypt and modify traffic. (CVE-2014-0224) Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled anonymous ECDH ciphersuites. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-3470)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.3
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.5
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.15
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2232-2 http://www.ubuntu.com/usn/usn-2232-1 https://launchpad.net/bugs/1329297
Package Information: https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.3 https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.5 https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.15 .
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://www.openssl.org/news/secadv_20140605.txt
Updated Packages:
Mandriva Enterprise Server 5: ef1687f8f4d68dd34149dbb04f3fccda mes5/i586/libopenssl0.9.8-0.9.8h-3.18mdvmes5.2.i586.rpm 3e46ee354bd0add0234eaf873f0a076c mes5/i586/libopenssl0.9.8-devel-0.9.8h-3.18mdvmes5.2.i586.rpm 0cc60393474d11a3786965d780e39ebc mes5/i586/libopenssl0.9.8-static-devel-0.9.8h-3.18mdvmes5.2.i586.rpm 16d367fe394b2f16b9f022ea7ba75a54 mes5/i586/openssl-0.9.8h-3.18mdvmes5.2.i586.rpm 223a4a6b80f1b2eb3cbfaf99473423f3 mes5/SRPMS/openssl-0.9.8h-3.18mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64: 85a51b41a45f6905ea778347d8b236c1 mes5/x86_64/lib64openssl0.9.8-0.9.8h-3.18mdvmes5.2.x86_64.rpm d0bf9ef6c6e33d0c6158add14cbe04b8 mes5/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.18mdvmes5.2.x86_64.rpm 707842b93162409157667f696996f4fc mes5/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.18mdvmes5.2.x86_64.rpm 70f4de1608d99c970afa1786595a761d mes5/x86_64/openssl-0.9.8h-3.18mdvmes5.2.x86_64.rpm 223a4a6b80f1b2eb3cbfaf99473423f3 mes5/SRPMS/openssl-0.9.8h-3.18mdvmes5.2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0117",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "storage",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "*"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "linux enterprise workstation extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.9,
"vendor": "redhat",
"version": "6"
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0 (ibm pureapplication system and xen)"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0 (vmware)"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7 release 7.6.0 sp3"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7 release 7.7.0 sp3"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 10.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 10.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "standard/advanced edition 11.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "standard/advanced edition 11.3"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 9.7"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 9.7"
},
{
"model": "mobile messaging \u0026 m2m",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "client pack (linux and windows for platforms eclipse paho mqtt c client library ) of support pac ma9b"
},
{
"model": "sdk,",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "for node.js 1.1.0.3"
},
{
"model": "security access manager for mobile the appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "security access manager for web the appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security access manager for web the appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3 fp1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.1 for ibm provided software virtual appliance"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3 fp1"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.1.1 (linux-ix86 and linux-s390)"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.4.0 fp07"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.5.0 fp04"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.5.1 fp05"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.6.0 fp03"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 9.1.0 fp01"
},
{
"model": "tivoli workload scheduler",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 9.2.0 ga level"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.1 (linux and windows for platforms paho mqtt c client library )"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5 (linux and windows for platforms paho mqtt c client library )"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for hp nonstop server 5.3.1"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.2"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.3"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.4"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8 thats all 0.9.8za"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0 thats all 1.0.0m"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1 thats all 1.0.1h"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.7.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9 to 10.9.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.7.5"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.63"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.71"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.0"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.1"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "3.2.24"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.0.26"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.1.34"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.2.26"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.3.14"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "storage",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "l20/300",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "lto6 drive",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "lx/30a",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "integrated system ha database ready",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "analytics server"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "server"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.4"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "arx",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "point software check point security gateway r71",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "firepass",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "db2 workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.5"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "big-iq cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "3.0"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-iq security",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.2"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.9"
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "3.1"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "key",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "worklight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "operations orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.05"
},
{
"model": "firepass",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "db2 connect unlimited advanced edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.4"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.2"
},
{
"model": "db2 connect enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"model": "bbm for android",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "operations orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.02"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.1"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "communicator for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "db2 connect application server advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "arx",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "6.2"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "db2 connect application server edition fp7",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.2"
},
{
"model": "operations orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.7.4"
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.1"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "worklight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "9.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "db2 connect application server advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "freedome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "simatic wincc oa p002",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "db2 advanced enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "db2 express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "collaboration services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "db2 connect unlimited edition for system i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "point software check point security gateway r77",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.29"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "big-iq device",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "point software check point security gateway r70",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.2"
},
{
"model": "communicator for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "infosphere balanced warehouse d5100",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "point software check point security gateway r75",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "operations orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.03"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "arx",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "6.4"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"model": "bbm for android",
"scope": "ne",
"trust": 0.3,
"vendor": "rim",
"version": "2.2.1.40"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "one-x mobile ces for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "11.00"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "9.20"
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "88704.76.0"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ctpos 6.6r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.2"
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "one-x mobile ces for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "big-iq security",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "operations orchestration",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"model": "db2 connect application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"model": "big-iq cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "one-x mobile for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.5"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "firepass",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "7.0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.4"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "85704.76.0"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "safe profile",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "db2 advanced workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.4"
},
{
"model": "big-iq security",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.3"
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "db2 developer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "db2 enterprise server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "idp series 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "db2 express edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "infosphere master data management server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "watson explorer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.4"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.3"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "db2 purescale feature",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "big-iq security",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "db2 express edition fp7",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "point software check point security gateway r76",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "wincc oa 3.12-p001-3.12-p008",
"scope": null,
"trust": 0.3,
"vendor": "siemens",
"version": null
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "one-x mobile lite for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "arx",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "6.1.1"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "big-iq cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.3"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "db2 workgroup server edition fp7",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.3"
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.1"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "db2 connect unlimited advanced edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "one-x mobile lite for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.4"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "db2 connect enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.2"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ctpos 6.6r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.8"
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "big-iq device",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x2.0.10"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "db2 connect unlimited edition for system i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "db2 connect unlimited edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.1"
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "arx",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "db2 connect application server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "arx",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "6.3"
},
{
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-iq cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.6"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "db2 enterprise server edition fp7",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "db2 connect unlimited edition for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.5"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "db2 workgroup server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "67898"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-081"
},
{
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0m",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1h",
"versionStartIncluding": "1.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.8za",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:storage:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127265"
}
],
"trust": 0.5
},
"cve": "CVE-2014-3470",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-3470",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-3470",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-081",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-3470",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3470"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-081"
},
{
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. OpenSSL is prone to a denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. \nOpenSSL prior to 0.9.8za, 1.0.0m, and 1.0.1h are vulnerable. As long as all other products which SMH V7.3.3.1 for Linux\nx86 communicates with have been upgraded to the latest versions, it will not\nbe vulnerable to the exploits described in CVE-2014-0224. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities \n\nEMC Identifier: ESA-2014-079\n\nCVE Identifier: See below for individual CVEs\n\nSeverity Rating: CVSS v2 Base Score: See below for individual CVSS score for each CVE\n\nAffected products: \n\\x95\tAll EMC Documentum Content Server versions of 7.1 prior to P07\n\\x95\tAll EMC Documentum Content Server versions of 7.0\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP2 prior to P16\n\\x95\tAll EMC Documentum Content Server versions of 6.7 SP1\n\\x95\tAll EMC Documentum Content Server versions prior to 6.7 SP1\n \nSummary: \nEMC Documentum Content Server contains fixes for multiple vulnerabilities which also include vulnerabilities disclosed by the OpenSSL project on June 5, 2014 in OpenSSL. \n\nDetails: \nEMC Documentum Content Server may be susceptible to the following vulnerabilities:\n\n\\x95\tArbitrary Code Execution (CVE-2014-4618):\nAuthenticated non-privileged users can potentially execute Documentum methods with higher level privileges (up to and including superuser privileges) due to improper authorization checks being performed on user-created system objects. \nCVSS v2 Base Score: 8.2 (AV:N/AC:M/Au:S/C:C/I:C/A:P)\n\n\\x95\tDQL Injection (CVE-2014-2520):\nCertain DQL hints in EMC Documentum Content Server may be potentially exploited by an authenticated non-privileged malicious user to conduct DQL injection attacks and read the database contents. This issue only affects Content Server running on Oracle database. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tInformation Disclosure (CVE-2014-2521):\nAuthenticated non-privileged users are allowed to retrieve meta-data of unauthorized system objects due to improper authorization checks being performed on certain RPC commands in Content Server. \nCVSS v2 Base Score: 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N)\n\n\\x95\tMultiple OpenSSL vulnerabilities (See individual CVEs below and refer to NVD for each of their scores):\n\tSSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224)\n\tDTLS recursion flaw (CVE-2014-0221)\n\tDTLS invalid fragment vulnerability (CVE-2014-0195)\n\tSSL_MODE_RELEASE_BUFFERS NULL pointer deference (CVE-2014-0198)\n\tSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n\tAnonymous ECDH denial of service (CVE-2014-3470)\n\tFLUSH + RELOAD cache side-channel attack (CVE-2014-0076)\nFor more information about these vulnerabilities, please visit the original OpenSSL advisory https://www.openssl.org/news/secadv_20140605.txt \n\nResolution: \nThe following versions contain the resolution for these issues: \n\\x95\tEMC Documentum Content Server version 7.1 P07 and later\n\\x95\tEMC Documentum Content Server version 7.0: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\\x95\tEMC Documentum Content Server version 6.7 SP2 P16 and later\n\\x95\tEMC Documentum Content Server version 6.7 SP1: Hotfixes are available for Windows \u0026 Linux. Contact EMC Support to obtain them. For Solaris and AIX, contact EMC Support to open Hotfix requests. \n\nEMC recommends all customers to upgrade to one of the above versions at the earliest opportunity. \n\nLink to remedies:\nRegistered EMC Online Support customers can download patches and software from support.emc.com at: https://support.emc.com/downloads/2732_Documentum-Server\n\nFor Hotfix, contact EMC Support. \n\n\n\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. \n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. \n\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n[slackware-security] openssl (SSA:2014-156-03)\n\nNew openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix security issues. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded. \n For more information, see:\n http://www.openssl.org/news/secadv_20140605.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8za-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8za-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8za-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8za-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8za-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8za-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8za-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1h-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1h-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1h-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1h-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1h-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1h-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1h-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n634b8ecc8abc6d3f249b73d0fefa5959 openssl-0.9.8za-i486-1_slack13.0.txz\na2529f1243d42a3608f61b96236b5f60 openssl-solibs-0.9.8za-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n2ddac651c5f2531f3a7f70d9f5823bd6 openssl-0.9.8za-x86_64-1_slack13.0.txz\nd7ffeb15713a587f642fbb3d5c310c75 openssl-solibs-0.9.8za-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n0b84a6a1edf76cba83d4c52c54196baa openssl-0.9.8za-i486-1_slack13.1.txz\ndfd5d241b0e1703ae9d70d6ccda06179 openssl-solibs-0.9.8za-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\nbd749622577a5f76a59d90b95aa922fd openssl-0.9.8za-x86_64-1_slack13.1.txz\n35cf911dd9f0cc13f7f0056d9e1f4520 openssl-solibs-0.9.8za-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n8f674defac9002c81265d284b1072f75 openssl-0.9.8za-i486-1_slack13.37.txz\n48ce79e7714cb0c823d2b6ea4a88ba51 openssl-solibs-0.9.8za-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\nefa09162c22782c15806bca99472c5be openssl-0.9.8za-x86_64-1_slack13.37.txz\n8e3b8d1e3d3a740bd274fbe38dc10f96 openssl-solibs-0.9.8za-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n8e2698d19f54c7e0cac8f998df23b782 openssl-1.0.1h-i486-1_slack14.0.txz\ncf6233bc169cf6dd192bb7210f779fc1 openssl-solibs-1.0.1h-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n2b4f0610d5e46fa7bb27a0b39f0d6d33 openssl-1.0.1h-x86_64-1_slack14.0.txz\n18fdd83dcf86204275508a689a017dea openssl-solibs-1.0.1h-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n49aea7da42eef41da894f29762971863 openssl-1.0.1h-i486-1_slack14.1.txz\n6f19f4fdc3f018b4e821c519d7bb1e5c openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nccf5ff2b107c665a4f3bf98176937749 openssl-1.0.1h-x86_64-1_slack14.1.txz\nea1aaba38c98b096186ca94ca541a793 openssl-solibs-1.0.1h-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\ndb1ed7ded71ab503f567940fff39eb16 a/openssl-solibs-1.0.1h-i486-1.txz\n0db4f91f9b568b2b2629950e5ab88b22 n/openssl-1.0.1h-i486-1.txz\n\nSlackware x86_64 -current packages:\nd01aef33335bee27f36574241f54091f a/openssl-solibs-1.0.1h-x86_64-1.txz\n95a743d21c58f39573845d6ec5270656 n/openssl-1.0.1h-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1h-i486-1_slack14.1.txz openssl-solibs-1.0.1h-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04355095\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04355095\nVersion: 1\n\nHPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows\nrunning OpenSSL, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-08-08\nLast Updated: 2014-08-08\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH), HP Smart Update Manager (SUM), and HP Version\nControl Agent (VCA) running on Linux and Windows. These components of HP\nInsight Control server deployment could be exploited remotely resulting in\ndenial of service (DoS), code execution, unauthorized access, or disclosure\nof information. \n\nHP Insight Control server deployment packages HP System Management Homepage\n(SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM)\nand deploys them through the following components. This bulletin provides the\ninformation needed to update the HP Insight Control server deployment\nsolution. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\nUpgrade Proliant Firmware\n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101628\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.1 of HP Insight Control server\ndeployment to resolve this vulnerability. HP has provided manual update steps\nif a version upgrade is not possible; if users wish to remain at v7.1.2,\nv7.2.0, or v7.2.1. \n\nNote: It is important to check your current running version of HP Insight\nControl server deployment and to follow the correct steps listed below. For\nHP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and\nfollow the steps below to remove the vulnerability. The vulnerability known\nas Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server\ndeployment v7.3.1. That Security Bulletin with instructions on how to upgrade\nto v7.3.1 can be found here:\n\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\na-c04267749\n\nHP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should\ntake the following steps to remove this vulnerability. \n\nDelete the files smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location\nlisted in the following table, rows 1 and 2. \nDelete the files \"vcax86-*.exe/vcaamd64-*.exe from Component Copy Location\nlisted in the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\n smhamd64-ccp023716.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\n smhx86-cp023715.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13\n vcax86-cp023742.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2\n vcaamd64-cp023743.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nDownload and extract the HPSUM 5.3.6 component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793\n\nCopy all content from extracted ZIP folder and paste into\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 on targets running\nWindows. \n\nHP Insight Control server deployment users with v7.2.2:\n\nPlease upgrade to Insight Control server deployment v7.3.1 and follow the\nsteps below for v7.3.1. \n\nHP Insight Control server deployment users with v7.3.1:\n\nPerform steps 1 - 4 as outlined above for users with HP Insight Control\nserver deployment v7.1.2, v7.2.0, and v7.2.1. \nDownload the HP SUM ZIP file from\nhttp://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f\n\nExtract the contents from the HP SUM ZIP file to\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components location on the Insight Control\nserver deployment server\n\nRelated security bulletins:\n\nFor System Management Homepage please see Security bulletin HPSBMU03051 https\n://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04\n345210\n\nFor HP Version Control Agent please see Security bulletin HPSBMU03057 https:/\n/h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434\n9897\n\nHISTORY\nVersion:1 (rev.1) - 8 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlPk9ewACgkQ4B86/C0qfVn1/gCfR2U/mZZXYwPms9ptZcBTua/5\nMoQAn1qlQ3kmLRs7YFN5GzwBTRfSK5Go\n=r0qe\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-2232-2\nJune 12, 2014\n\nopenssl regression\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-2232-1 introduced a regression in OpenSSL. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nUSN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for\nCVE-2014-0224 caused a regression for certain applications that use\ntls_session_secret_cb, such as wpa_supplicant. This update fixes the\nproblem. \n\nOriginal advisory details:\n\n J=C3=BCri Aedla discovered that OpenSSL incorrectly handled invalid DTLS\n fragments. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and\n Ubuntu 14.04 LTS. (CVE-2014-0195)\n Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. (CVE-2014-0221)\n KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain\n handshakes. A remote attacker could use this flaw to perform a\n man-in-the-middle attack and possibly decrypt and modify traffic. \n (CVE-2014-0224)\n Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled\n anonymous ECDH ciphersuites. This issue only\n affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. \n (CVE-2014-3470)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.3\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.5\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.15\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2232-2\n http://www.ubuntu.com/usn/usn-2232-1\n https://launchpad.net/bugs/1329297\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.3\n https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.5\n https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.15\n. \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://www.openssl.org/news/secadv_20140605.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Enterprise Server 5:\n ef1687f8f4d68dd34149dbb04f3fccda mes5/i586/libopenssl0.9.8-0.9.8h-3.18mdvmes5.2.i586.rpm\n 3e46ee354bd0add0234eaf873f0a076c mes5/i586/libopenssl0.9.8-devel-0.9.8h-3.18mdvmes5.2.i586.rpm\n 0cc60393474d11a3786965d780e39ebc mes5/i586/libopenssl0.9.8-static-devel-0.9.8h-3.18mdvmes5.2.i586.rpm\n 16d367fe394b2f16b9f022ea7ba75a54 mes5/i586/openssl-0.9.8h-3.18mdvmes5.2.i586.rpm \n 223a4a6b80f1b2eb3cbfaf99473423f3 mes5/SRPMS/openssl-0.9.8h-3.18mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 85a51b41a45f6905ea778347d8b236c1 mes5/x86_64/lib64openssl0.9.8-0.9.8h-3.18mdvmes5.2.x86_64.rpm\n d0bf9ef6c6e33d0c6158add14cbe04b8 mes5/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.18mdvmes5.2.x86_64.rpm\n 707842b93162409157667f696996f4fc mes5/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.18mdvmes5.2.x86_64.rpm\n 70f4de1608d99c970afa1786595a761d mes5/x86_64/openssl-0.9.8h-3.18mdvmes5.2.x86_64.rpm \n 223a4a6b80f1b2eb3cbfaf99473423f3 mes5/SRPMS/openssl-0.9.8h-3.18mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3470"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"db": "BID",
"id": "67898"
},
{
"db": "VULMON",
"id": "CVE-2014-3470"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127080"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126925"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3470",
"trust": 3.8
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 2.0
},
{
"db": "BID",
"id": "67898",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "59916",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58742",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59191",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59483",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59431",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59282",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59362",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59167",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58716",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59442",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59459",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59445",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58579",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59120",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59460",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59284",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59495",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59223",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59525",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58797",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59340",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59895",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "58667",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-234763",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU93868849",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002767",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-24443",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201406-081",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-3470",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127362",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127213",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127266",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127923",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126976",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127080",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127016",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126925",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3470"
},
{
"db": "BID",
"id": "67898"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127080"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-081"
},
{
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"id": "VAR-201406-0117",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.41201043363636364
},
"last_update_date": "2024-06-13T23:00:33.950000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT6443",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht6443"
},
{
"title": "HT6443",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht6443?viewlocale=ja_jp"
},
{
"title": "KB36051",
"trust": 0.8,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"title": "cisco-sa-20140605-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://fedoraproject.org/ja/"
},
{
"title": "HIRT-PUB14010",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/hirt/publications/hirt-pub14010/index.html"
},
{
"title": "6060",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6060\u0026myns=phmc\u0026mync=e"
},
{
"title": "6061",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6061\u0026myns=phmc\u0026mync=e"
},
{
"title": "1676062",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"title": "4037761",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
},
{
"title": "1676419",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"title": "1676128",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"title": "1676496",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
},
{
"title": "1676655",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"title": "00001841",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"title": "1677695",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"title": "00001843",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"title": "1677828",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"title": "1673137",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"title": "1678167",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"title": "1676035",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"title": "1678289",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"title": "2079783",
"trust": 0.8,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_us\u0026cmd=displaykc\u0026externalid=2079783"
},
{
"title": "7015264",
"trust": 0.8,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"title": "7015300",
"trust": 0.8,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"title": "SB10075",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"title": "Fix CVE-2014-3470",
"trust": 0.8,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb"
},
{
"title": "Anonymous ECDH denial of service (CVE-2014-3470)",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2014",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2014 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014verbose-1972958.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html"
},
{
"title": "Bug 1103600",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103600"
},
{
"title": "SA80",
"trust": 0.8,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"title": "Huawei-SA-20140613-OpenSSL",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"title": "January 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2015_critical_patch_update"
},
{
"title": "CVE-2014-3470 Denial of Service(DOS) vulnerability in OpenSSL",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_3470_denial_of"
},
{
"title": "Splunk Enterprise 6.1.2, 6.0.5 and 5.0.9 address two vulnerabilities - July 1, 2014",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaam2d"
},
{
"title": "TLSA-2014-6",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2014/tlsa-2014-6j.html"
},
{
"title": "VMSA-2014-0006",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"title": "34549",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34549"
},
{
"title": "OpenSSL\u306e\u8106\u5f31\u6027(CVE-2014-0224\u4ed6)\u306b\u3088\u308b\u30c6\u30fc\u30d7\u30e9\u30a4\u30d6\u30e9\u30ea\u88c5\u7f6e\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/products/it/server/security/info/vulnerable/openssl_cve20140224_tape_library.html"
},
{
"title": "cisco-sa-20140605-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/112/1122/1122700_cisco-sa-20140605-openssl-j.html"
},
{
"title": "Symfoware Server: OpenSSL\u306e\u8106\u5f31\u6027(CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-3470)(2014\u5e747\u670815\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201404.html"
},
{
"title": "openssl-1.0.1h",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51081"
},
{
"title": "openssl-1.0.0m",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51080"
},
{
"title": "openssl-0.9.8za",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51079"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/10/fireeye_patches_os_torpedo_exploitdb_disclosure/"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b92b65104373bc8476811ff1b99cd369"
},
{
"title": "Red Hat: CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-3470"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-3"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2014-3470 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/potterxma/linux-deployment-standard "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3470"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-081"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 2.3,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/67898"
},
{
"trust": 2.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 2.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 2.0,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 2.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 2.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 2.0,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
},
{
"trust": 2.0,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
},
{
"trust": 2.0,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15342.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103600"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58797"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59191"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58579"
},
{
"trust": 1.7,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59120"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59442"
},
{
"trust": 1.7,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"trust": 1.7,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6060\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59495"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.7,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"trust": 1.7,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6061\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.7,
"url": "http://www.splunk.com/view/sp-caaam2d"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59895"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59459"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59916"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.7,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.7,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140499827729550\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59362"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59340"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59284"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59282"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59223"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59167"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58742"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58716"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58667"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:105"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59525"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59483"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59460"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59445"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59431"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=8011cd56e39a433b1837465259a9bd24a38727fb"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93868849/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3470"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8011cd56e39a433b1837465259a9bd24a38727fb"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/solutions/len-24443"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.5,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.5,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_3470_denial_of"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://www.cerberusftp.com/products/releasenotes.html"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678073"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096059"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368523"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21681494"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678413"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678660"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/33a01-5228bdf5d027e/cert_security_mini-_bulletin_xrx15ao_for_cq8570-cq8870_v1-0.pdf"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/defense/advisories/public/2014/cpai-10-jun3.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181079"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676276"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.3,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.3,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-511c3e0b2f6f4f6bbc796fc619"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-3a7aa5e233904ebe847a5e1555"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-d775367b0a28449ca05660778b"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.2,
"url": "http://www.ubuntu.com/usn/usn-2232-1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-3470"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2232-3/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-2c54f23c6dbc4d598e86fdef95"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-4480df0f6d544779b0143f5c3b"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2520"
},
{
"trust": 0.1,
"url": "https://support.emc.com/downloads/2732_documentum-server"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2521"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-f6c141a7feeb4a358bbb28300f"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.3"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.15"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1329297"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.5"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8208c3987b1b4a5093f3e8fcc3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.18"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.14"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-3470"
},
{
"db": "BID",
"id": "67898"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127080"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-081"
},
{
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-3470"
},
{
"db": "BID",
"id": "67898"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"db": "PACKETSTORM",
"id": "127362"
},
{
"db": "PACKETSTORM",
"id": "127213"
},
{
"db": "PACKETSTORM",
"id": "127266"
},
{
"db": "PACKETSTORM",
"id": "127923"
},
{
"db": "PACKETSTORM",
"id": "126976"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127080"
},
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "127265"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-081"
},
{
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3470"
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67898"
},
{
"date": "2014-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"date": "2014-07-06T18:53:39",
"db": "PACKETSTORM",
"id": "127362"
},
{
"date": "2014-06-25T21:32:38",
"db": "PACKETSTORM",
"id": "127213"
},
{
"date": "2014-06-27T18:43:56",
"db": "PACKETSTORM",
"id": "127266"
},
{
"date": "2014-08-19T16:52:04",
"db": "PACKETSTORM",
"id": "127923"
},
{
"date": "2014-06-06T23:46:36",
"db": "PACKETSTORM",
"id": "126976"
},
{
"date": "2014-08-08T21:53:16",
"db": "PACKETSTORM",
"id": "127807"
},
{
"date": "2014-06-13T00:11:12",
"db": "PACKETSTORM",
"id": "127080"
},
{
"date": "2014-06-10T17:33:47",
"db": "PACKETSTORM",
"id": "127016"
},
{
"date": "2014-06-27T18:43:23",
"db": "PACKETSTORM",
"id": "127265"
},
{
"date": "2014-06-05T15:14:53",
"db": "PACKETSTORM",
"id": "126925"
},
{
"date": "2014-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-081"
},
{
"date": "2014-06-05T21:55:07.880000",
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-3470"
},
{
"date": "2018-10-11T12:00:00",
"db": "BID",
"id": "67898"
},
{
"date": "2015-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002767"
},
{
"date": "2022-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-081"
},
{
"date": "2023-11-07T02:20:08.380000",
"db": "NVD",
"id": "CVE-2014-3470"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "127016"
},
{
"db": "PACKETSTORM",
"id": "126925"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-081"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of s3_clnt.c of ssl3_send_client_key_exchange Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002767"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-081"
}
],
"trust": 0.6
}
}
VAR-201605-0078
Vulnerability from variot - Updated: 2024-06-12 20:06The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue. OpenSSL is prone to remote memory-corruption vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the application using the vulnerable library. Failed exploit attempts will result in denial-of-service conditions. Following product versions are affected: OpenSSL versions 1.0.2 prior to 1.0.2c OpenSSL versions 1.0.1 prior to 1.0.1o. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03756en_us Version: 1
HPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-06-05 Last Updated: 2017-06-05
Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information.
References:
- CVE-2016-2105 - Remote Denial of Service (DoS)
- CVE-2016-2106 - Remote Denial of Service (DoS)
- CVE-2016-2107 - Remote disclosure of sensitive information
- CVE-2016-2108 - Remote Denial of Service (DoS)
- CVE-2016-2109 - Remote Denial of Service (DoS)
- CVE-2016-2176 - Remote Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products.
- HP Intelligent Management Center (iMC) All versions - Please refer to the RESOLUTION below for a list of updated products.
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2016-2105
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2106
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2107
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVE-2016-2108
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-2109
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVE-2016-2176
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates available to resolve the vulnerabilities in the Comware 7, iMC and VCX products running OpenSSL.
COMWARE 7 Products
- 12500 (Comware 7) - Version: R7377P02
- HP Network Products
- JC072B HP 12500 Main Processing Unit
- JC085A HP A12518 Switch Chassis
- JC086A HP A12508 Switch Chassis
- JC652A HP 12508 DC Switch Chassis
- JC653A HP 12518 DC Switch Chassis
- JC654A HP 12504 AC Switch Chassis
- JC655A HP 12504 DC Switch Chassis
- JF430A HP A12518 Switch Chassis
- JF430B HP 12518 Switch Chassis
- JF430C HP 12518 AC Switch Chassis
- JF431A HP A12508 Switch Chassis
- JF431B HP 12508 Switch Chassis
- JF431C HP 12508 AC Switch Chassis
- JG497A HP 12500 MPU w/Comware V7 OS
- JG782A HP FF 12508E AC Switch Chassis
- JG783A HP FF 12508E DC Switch Chassis
- JG784A HP FF 12518E AC Switch Chassis
- JG785A HP FF 12518E DC Switch Chassis
- JG802A HP FF 12500E MPU
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 10500 (Comware 7) - Version: R7184
- HP Network Products
- JC611A HP 10508-V Switch Chassis
- JC612A HP 10508 Switch Chassis
- JC613A HP 10504 Switch Chassis
- JC748A HP 10512 Switch Chassis
- JG608A HP FlexFabric 11908-V Switch Chassis
- JG609A HP FlexFabric 11900 Main Processing Unit
- JG820A HP 10504 TAA Switch Chassis
- JG821A HP 10508 TAA Switch Chassis
- JG822A HP 10508-V TAA Switch Chassis
- JG823A HP 10512 TAA Switch Chassis
- JG496A HP 10500 Type A MPU w/Comware v7 OS
- JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
- JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5900/5920 (Comware 7) - Version: R2422P02
- HP Network Products
- JC772A HP 5900AF-48XG-4QSFP+ Switch
- JG296A HP 5920AF-24XG Switch
- JG336A HP 5900AF-48XGT-4QSFP+ Switch
- JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
- JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
- JG555A HP 5920AF-24XG TAA Switch
- JG838A HP FF 5900CP-48XG-4QSFP+ Switch
- JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
- JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
- JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR1000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG875A HP MSR1002-4 AC Router
- JH060A HP MSR1003-8S AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR2000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG411A HP MSR2003 AC Router
- JG734A HP MSR2004-24 AC Router
- JG735A HP MSR2004-48 Router
- JG866A HP MSR2003 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR3000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG404A HP MSR3064 Router
- JG405A HP MSR3044 Router
- JG406A HP MSR3024 AC Router
- JG407A HP MSR3024 DC Router
- JG408A HP MSR3024 PoE Router
- JG409A HP MSR3012 AC Router
- JG410A HP MSR3012 DC Router
- JG861A HP MSR3024 TAA-compliant AC Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- MSR4000 (Comware 7) - Version: R0306P52
- HP Network Products
- JG402A HP MSR4080 Router Chassis
- JG403A HP MSR4060 Router Chassis
- JG412A HP MSR4000 MPU-100 Main Processing Unit
- JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- VSR (Comware 7) - Version: E0324
- HP Network Products
- JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
- JG811AAE HP VSR1001 Comware 7 Virtual Services Router
- JG812AAE HP VSR1004 Comware 7 Virtual Services Router
- JG813AAE HP VSR1008 Comware 7 Virtual Services Router
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7900 (Comware 7) - Version: R2152
- HP Network Products
- JG682A HP FlexFabric 7904 Switch Chassis
- JG841A HP FlexFabric 7910 Switch Chassis
- JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
- JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
- JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
- JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
- JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
- JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130 (Comware 7) - Version: R3115
- HP Network Products
- JG932A HP 5130-24G-4SFP+ EI Switch
- JG933A HP 5130-24G-SFP-4SFP+ EI Switch
- JG934A HP 5130-48G-4SFP+ EI Switch
- JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
- JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
- JG938A HP 5130-24G-2SFP+-2XGT EI Switch
- JG939A HP 5130-48G-2SFP+-2XGT EI Switch
- JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
- JG975A HP 5130-24G-4SFP+ EI Brazil Switch
- JG976A HP 5130-48G-4SFP+ EI Brazil Switch
- JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
- JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6125XLG - Version: R2422P02
- HP Network Products
- 711307-B21 HP 6125XLG Blade Switch
- 737230-B21 HP 6125XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 6127XLG - Version: R2422P02
- HP Network Products
- 787635-B21 HP 6127XLG Blade Switch Opt Kit
- 787635-B22 HP 6127XLG Blade Switch with TAA
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- Moonshot - Version: R2432
- HP Network Products
- 786617-B21 - HP Moonshot-45Gc Switch Module
- 704654-B21 - HP Moonshot-45XGc Switch Module
- 786619-B21 - HP Moonshot-180XGc Switch Module
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5700 (Comware 7) - Version: R2422P02
- HP Network Products
- JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
- JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
- JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
- JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
- JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
- JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5930 (Comware 7) - Version: R2422P02
- HP Network Products
- JG726A HP FlexFabric 5930 32QSFP+ Switch
- JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
- JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
- JH179A HP FlexFabric 5930 4-slot Switch
- JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
- JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 1950 (Comware 7) - Version: R3115
- HP Network Products
- JG960A HP 1950-24G-4XG Switch
- JG961A HP 1950-48G-2SFP+-2XGT Switch
- JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
- JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 7500 (Comware 7) - Version: R7184
- HP Network Products
- JD238C HP 7510 Switch Chassis
- JD239C HP 7506 Switch Chassis
- JD240C HP 7503 Switch Chassis
- JD242C HP 7502 Switch Chassis
- JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit
- JH208A HP 7502 Main Processing Unit
- JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5510HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch
- JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch
- JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch
- JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch
- JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5130HI (Comware 7) - Version: R1120P10
- HP Network Products
- JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch
- JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch
- JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch
- JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5940 - Version: R2509
- HP Network Products
- JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch
- JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch
- JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch
- JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch
- JH396A HPE FlexFabric 5940 32QSFP+ Switch
- JH397A HPE FlexFabric 5940 2-slot Switch
- JH398A HPE FlexFabric 5940 4-slot Switch
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
- 5950 - Version: R6123
- HP Network Products
- JH321A HPE FlexFabric 5950 32QSFP28 Switch
- JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch
- JH404A HPE FlexFabric 5950 4-slot Switch
- 12900E (Comware 7) - Version: R2609
- HP Network Products
- JG619A HP FlexFabric 12910 Switch AC Chassis
- JG621A HP FlexFabric 12910 Main Processing Unit
- JG632A HP FlexFabric 12916 Switch AC Chassis
- JG634A HP FlexFabric 12916 Main Processing Unit
- JH104A HP FlexFabric 12900E Main Processing Unit
- JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
- JH263A HP FlexFabric 12904E Main Processing Unit
- JH255A HP FlexFabric 12908E Switch Chassis
- JH262A HP FlexFabric 12904E Switch Chassis
- JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
- JH103A HP FlexFabric 12916E Switch Chassis
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
iMC Products
- iNode PC 7.2 (E0410) - Version: 7.2 E0410
- HP Network Products
- JD144A HP A-IMC User Access Management Software Module with 200-user License
- JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JD435A HP A-IMC Endpoint Admission Defense Client Software
- JF388A HP IMC User Authentication Management Software Module with 200-user License
- JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU
- JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License
- JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU
- JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU
- JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
- iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409
- HP Network Products
- JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE
- JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU
- JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU
- JG483A HP IMC TAM S/W MODULE W/100-NODE LIC
- JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU
- JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU
- CVEs
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
VCX Products
- VCX - Version: 9.8.19
- HP Network Products
- J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr
- J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr
- JC517A HP VCX V7205 Platform w/DL 360 G6 Server
- JE355A HP VCX V6000 Branch Platform 9.0
- JC516A HP VCX V7005 Platform w/DL 120 G6 Server
- JC518A HP VCX Connect 200 Primry 120 G6 Server
- J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr
- JE341A HP VCX Connect 100 Secondary
- JE252A HP VCX Connect Primary MIM Module
- JE253A HP VCX Connect Secondary MIM Module
- JE254A HP VCX Branch MIM Module
- JE355A HP VCX V6000 Branch Platform 9.0
- JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod
- JD023A HP MSR30-40 Router with VCX MIM Module
- JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM
- JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod
- JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod
- JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod
- JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS
- JE340A HP VCX Connect 100 Pri Server 9.0
- JE342A HP VCX Connect 100 Sec Server 9.0
- CVEs
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2176
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 2 June 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1t-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1t-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1t-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2h-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2h-i586-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 packages: 033bd9509aeb07712e6bb3adf89c18e4 openssl-1.0.1t-i486-1_slack14.0.txz 9e91d781e33f7af80cbad08b245e84ed openssl-solibs-1.0.1t-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: e5c77ec16e3f2fcb2f1d53d84a6ba951 openssl-1.0.1t-x86_64-1_slack14.0.txz 2de7b6196a905233036d7f38008984bd openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 96dcae05ae2f585c30de852a55eb870f openssl-1.0.1t-i486-1_slack14.1.txz 59618b061e62fd9d73ba17df7626b2e7 openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: 3d5ebfce099917703d537ab603e58a9b openssl-1.0.1t-x86_64-1_slack14.1.txz bf3a6bbdbe835dd2ce73333822cc9f06 openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz
Slackware -current packages: 4889a10c5f3aa7104167c7d50eedf7ea a/openssl-solibs-1.0.2h-i586-1.txz 8e3439f35c3cb4e11ca64eebb238a52f n/openssl-1.0.2h-i586-1.txz
Slackware x86_64 -current packages: b4a852bb7e86389ec228288ccb7e79bb a/openssl-solibs-1.0.2h-x86_64-1.txz bcf9dc7bb04173f002644e3ce33ab4ab n/openssl-1.0.2h-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1t-i486-1_slack14.1.txz openssl-solibs-1.0.1t-i486-1_slack14.1.txz
Then, reboot the machine or restart any network services that use OpenSSL.
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. Description:
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. The JBoss server process must be restarted for the update to take effect. (CVE-2016-2108)
-
Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3195)
-
A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. (CVE-2016-2106)
-
It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2016-2109)
-
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:0722-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0722.html Issue date: 2016-05-09 CVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2842 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108)
-
Two integer overflow flaws, leading to buffer overflows, were found in the way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL parsed very large amounts of input data. (CVE-2016-2105, CVE-2016-2106)
-
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)
-
Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application. (CVE-2016-0799, CVE-2016-2842)
-
A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions 1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds 1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data 1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder 1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check 1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow 1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.5.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.5.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.5.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm openssl-devel-1.0.1e-51.el7_2.5.s390.rpm openssl-devel-1.0.1e-51.el7_2.5.s390x.rpm openssl-libs-1.0.1e-51.el7_2.5.s390.rpm openssl-libs-1.0.1e-51.el7_2.5.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.5.ppc64.rpm openssl-static-1.0.1e-51.el7_2.5.ppc.rpm openssl-static-1.0.1e-51.el7_2.5.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.5.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.5.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm openssl-perl-1.0.1e-51.el7_2.5.s390x.rpm openssl-static-1.0.1e-51.el7_2.5.s390.rpm openssl-static-1.0.1e-51.el7_2.5.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.5.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.5.i686.rpm openssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.5.i686.rpm openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm openssl-static-1.0.1e-51.el7_2.5.i686.rpm openssl-static-1.0.1e-51.el7_2.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0799 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2107 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-2842 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXMFlTXlSAg2UNWIIRAhYAAJ0T9Ib2vXUa5te34i6fphHrbe0HlwCfePy5 WjaK8x9OaI0FgbWyfxvwq6o= =jHjh -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce. 6.7) - i386, ppc64, s390x, x86_64
A security vulnerability in QEMU was addressed by HPE Helion OpenStack. The vulnerability could be exploited resulting in local unauthorized data access. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to version 5.5.36.
CVE-2016-4650
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative
Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro
bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher
CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc.
CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo
Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex
ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports)
Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher
IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins
IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team
Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher
libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco
LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck
libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative
OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab
QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab
Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD
Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins
Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900
OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- .
The References section of this erratum contains a download link (you must log in to download the update)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0078",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.4.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.1"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.4.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.2"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.1.2"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.3.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "5.1.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "5.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.4"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.2"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.4"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "5.0.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "6.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0.3"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.2.1"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.4.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.2.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "5.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": "4.0"
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux hpc node eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "android",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series univerge sg3000lg/lj"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.1"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base version 6"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "7.0"
},
{
"model": "hpe helion openstack",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.1"
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "ip38x/3000",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ip38x/1200",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.4"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.1"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "netvisorpro 6.1"
},
{
"model": "ip38x/810",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.3"
},
{
"model": "ip38x/n500",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series sg3600lm/lg/lj v6.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard-r"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "univerge",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "business connect v7.1.1"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v4.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.11 and later"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7.2)"
},
{
"model": "ip38x/sr100",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "hpe helion openstack",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.1.2"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 6)"
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.0"
},
{
"model": "hpe helion openstack",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.0"
},
{
"model": "websam",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "6.2"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver6.1 to v8.0"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v7.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "/sg series intersecvm/sg v1.2"
},
{
"model": "ip38x/1210",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 7)"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- security enhancement"
},
{
"model": "hpe helion openstack",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "2.1.4"
},
{
"model": "ip38x/3500",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ip38x/fw120",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "ip38x/5000",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2"
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "paging server",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "network performance analytics",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport encryption appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa51x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "security network controller 1.0.3361m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "network health framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2.1"
},
{
"model": "unified series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "780011.5.2"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.3.0.0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "purview",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6(3)"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.3"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"model": "emergency responder",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.2"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.6.0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "protectier entry edition ts7610 ts7620",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-/2.4"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "xenserver service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.21"
},
{
"model": "nexus series blade switches 0.9.8zf",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "protectier gateway for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "telepresence isdn link",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "85100"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "mediasense 9.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "abyp-4tl-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.119"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "protectier appliance edition ts7650ap1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-3.1"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.0.0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.8"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.2"
},
{
"model": "prime collaboration assurance sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.16"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "protectier appliance edition ts7650ap1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-3.4"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.13-34"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.1"
},
{
"model": "im and presence service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "ata analog telephone adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1879.2.5"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs central 1.5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5(2)"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "prime collaboration deployment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "series ip phones vpn feature",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-11.5.2"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.1"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.2"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "protectier enterprise edition ts7650g",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-3.3"
},
{
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.14.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server ~~liberty",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3-"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "protectier gateway for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.1"
},
{
"model": "webex recording playback client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90008.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.16-37"
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "opensuse evergreen",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "prime infrastructure standalone plug and play gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "identifi wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "10.11"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa50x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1o",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4-23"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.25-57"
},
{
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.14.0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-43"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "workload deployer if12",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.7"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.1.3"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4.2"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70000"
},
{
"model": "unified workforce optimization quality management sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "meetingplace",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.1"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.2"
},
{
"model": "protectier entry edition ts7610 ts7620",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-/3.1"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "xenserver common criteria",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0.2"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1.7"
},
{
"model": "webex messenger service ep1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9.9"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8961"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.1"
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.0-"
},
{
"model": "spa122 ata with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "webex node for mcs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.12.9.8"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.8"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "cloud manager with openstack interix fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "identifi",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "10.01"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.11-28"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "qradar",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"model": "project openssl 1.0.2c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "abyp-2t-1s-1l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.17"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10"
},
{
"model": "nac appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"model": "security network controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.3"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected analytics for collaboration 1.0.1q",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.20"
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "abyp-2t-1s-1l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2)"
},
{
"model": "identifi wireless",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "10.11.1"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "mmp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.0-13"
},
{
"model": "abyp-10g-2sr-2lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6.7"
},
{
"model": "prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.4.2-4"
},
{
"model": "anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.6.1"
},
{
"model": "protectier enterprise edition ts7650g",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-3.2"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.4"
},
{
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.14.0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.7.0"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0.7"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "cognos business intelligence interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.117"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.51"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(3)"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "abyp-2t-2s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.6.5"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.5.0"
},
{
"model": "webex meetings for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "mds series multilayer switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ios software and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3.1"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.2"
},
{
"model": "webex meeting center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.01"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15-36"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "exalogic infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "proventia network enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.10"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller 1.0.3387m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "mobile foundation consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client hosted t31r1sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller 1.0.3379m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.8"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3x000"
},
{
"model": "packet tracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "unified sip proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "abyp-0t-4s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.0.1"
},
{
"model": "spa50x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.1.2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-4ts-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "ata series analog terminal adaptor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "digital media players series 5.4 rb",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "abyp-10g-4lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "abyp-10g-4lr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling connect:direct for hp nonstop ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6.0.1030"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.8"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "unified communications for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.4"
},
{
"model": "identity services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.7"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.2"
},
{
"model": "rackswitch g8124/g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.7.0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.0"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.4"
},
{
"model": "helion openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "qradar siem/qrif/qrm/qvm patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.71"
},
{
"model": "rackswitch g8332",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.7.23.0"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v5000-"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.3.5"
},
{
"model": "abyp-0t-0s-4l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "jabber for android mr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.6-"
},
{
"model": "abyp-4t-0s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.00"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "connected grid router-cgos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "21.1.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2919"
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.2-"
},
{
"model": "eos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "8.61.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "lancope stealthwatch smc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on virtual machine mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "anyconnect secure mobility client",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "unified ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60008.3"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.2-9"
},
{
"model": "abyp-0t-2s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70008.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.2"
},
{
"model": "webex meetings server ssl gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "protectier gateway for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "spa30x series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "helion openstack",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "21.1.2"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30-12"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "webex meetings client on premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.3"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.3(1)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "rackswitch g8124/g8124-e",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.17.0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "protectier appliance edition ts7650ap1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-3.3"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.12"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.2"
},
{
"model": "rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.7.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.5.5"
},
{
"model": "purview",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1)"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "algo audit and compliance if",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.32"
},
{
"model": "spa525g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rackswitch g8264t",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.17.0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.4"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "summit wm3000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "protectier gateway for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "protectier enterprise edition ts7650g",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.2"
},
{
"model": "abyp-0t-2s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9971"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.29-9"
},
{
"model": "series ip phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "protectier gateway for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3"
},
{
"model": "abyp-2t-0s-2l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.1"
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.8-"
},
{
"model": "abyp-10g-4sr-1-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "webex messenger service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "telepresence server mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70104.2"
},
{
"model": "media experience engines",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "protectier appliance edition ts7650ap1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-1.2"
},
{
"model": "security network controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected grid router 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.2"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5:20"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.1.1"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "protectier entry edition ts7610 ts7620",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-/3.4"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "counter fraud management for safer payments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.0"
},
{
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.14.0"
},
{
"model": "telepresence server on multiparty media mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.17"
},
{
"model": "digital media players series 5.3 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.0"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3204.1"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "packet tracer",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1"
},
{
"model": "image construction and composition tool build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.028"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "rackswitch g8052",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.17.0"
},
{
"model": "unified wireless ip phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "virtual security gateway vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.1.0"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.17"
},
{
"model": "policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "webex meetings client on premises",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "spa51x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.0.0"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.9.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3.10000.9)"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual fabric 10gb switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.10.0"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "protectier entry edition ts7610 ts7620",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-/3.2"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.1.2"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.0"
},
{
"model": "telepresence sx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.11.7.0"
},
{
"model": "webex meetings for wp8",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(2.1)"
},
{
"model": "webex meetings for wp8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1"
},
{
"model": "physical access control gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "identifi v7r0",
"scope": null,
"trust": 0.3,
"vendor": "extremenetworks",
"version": null
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.1"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.10"
},
{
"model": "application and content networking system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.41"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.4.1.0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2.1"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "intelligent automation for cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0.9.8"
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.7-"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "edge digital media player 1.6rb4 5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mds series multilayer switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "abyp-10g-4sr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "lancope stealthwatch flowsensor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.8"
},
{
"model": "protectier enterprise edition ts7650g",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-2.5"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "1/10gb uplink ethernet switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4.14.0"
},
{
"model": "protectier appliance edition ts7650ap1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-3.2"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "mobility services engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "edge digital media player",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3401.2.0.20"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "abyp-0t-4s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "spa30x series ip phones",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "digital media players series 5.4 rb",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "42000"
},
{
"model": "security access manager for web",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1.0"
},
{
"model": "identifi",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "9.21.12"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rackswitch g8264",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.17.0"
},
{
"model": "standalone rack server cimc",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.2.1"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2.0.0"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.2"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.4.7"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "mq appliance m2001",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "84200"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "ironport email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spa525g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6.5"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.0.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "4.4.4"
},
{
"model": "lancope stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence integrator c series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud object store",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "cognos business intelligence fixpack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.12"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller 1.0.3394m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network controller 1.0.3381m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.1.5"
},
{
"model": "registered envelope service",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "telepresence content server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(4)"
},
{
"model": "meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.4"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.4"
},
{
"model": "image construction and composition tool build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.050"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "mq appliance m2000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "asa cx and prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.21"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "13.1"
},
{
"model": "rackswitch g8264cs",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.14.0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50007.3.1"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5(3)"
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.9-"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.3.0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.0"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8945"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.18-49"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1.10000.12)"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.3"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "mate design",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "eos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.91.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.13-41"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0.2"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0(0.400)"
},
{
"model": "protectier enterprise edition ts7650g",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-3.1"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "protectier entry edition ts7610 ts7620",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-/2.5"
},
{
"model": "telepresence conductor",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "abyp-0t-0s-4l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1.1"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mate live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization sr3 es5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "unified communications manager 10.5 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "security identity governance and intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "protectier entry edition ts7610 ts7620",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-/3.3"
},
{
"model": "protectier enterprise edition ts7650g",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-3.4"
},
{
"model": "abyp-4tl-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "abyp-2t-2s-0l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9-34"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "22.1"
},
{
"model": "abyp-4ts-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "security proventia network active bypass 0343c3c",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cloud manager with openstack interim fix1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.0.6"
},
{
"model": "unified ip phones 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "digital media manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.6"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security access manager for web",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.02"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "protectier gateway for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.3"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "rackswitch g8316",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.9.17.0"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch smc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.6.4"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "abyp-10g-2sr-2lr-1-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "prime optical for sps",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.6"
},
{
"model": "protectier enterprise edition ts7650g",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-2.4"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "45000"
},
{
"model": "telepresence server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "87104.4"
},
{
"model": "power hmc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1.0.0"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.3"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50008.3"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.1"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pureapplication system",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.2.3"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3104.1"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server ssl gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-2.7"
},
{
"model": "protectier appliance edition ts7650ap1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-2.4"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0.5"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.10000.5)"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "prime license manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "protectier entry edition ts7610 ts7620",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-/1.2"
},
{
"model": "messagesight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.18-42"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.8"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3500-"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.8"
},
{
"model": "abyp-4t-0s-0l-p",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "virtual security gateway for microsoft hyper-v vsg2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "connected grid router cgos 15.6.2.15t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "wide area application services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "21.1"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "nexus series switches 7.3.1nx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mmp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.9.1"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.2"
},
{
"model": "spa232d multi-line dect ata",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.5"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "telepresence profile series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.2"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.21"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3700-"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1-"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dcm series 9900-digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "19.0"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.2.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "unified ip phone 9.4.2sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9951"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1876"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "local collector appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.12"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"model": "pureapplication system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.0"
},
{
"model": "content security appliance updater servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "telepresence ex series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3.7"
},
{
"model": "mac os security update",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x2016"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.17"
},
{
"model": "security proventia network active bypass",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30.4-12"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder 10.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "security identity manager virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5.0.2"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "qradar siem mr2 patch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.113"
},
{
"model": "nexus",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "900012.0"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.8.1"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7(0)"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "sterling connect:direct for hp nonstop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "xenserver service pack",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.51"
},
{
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "protectier appliance edition ts7650ap1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "-2.5"
},
{
"model": "virtual security gateway for microsoft hyper-v",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "services analytic platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for apple ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79009.4(2)"
},
{
"model": "netsight appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "7.0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.17"
},
{
"model": "workload deployer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.12"
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.5-"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "tivoli common reporting",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.2"
},
{
"model": "unified series ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.2.1"
},
{
"model": "security network controller 1.0.3376m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "video surveillance media server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.9"
},
{
"model": "unified communications manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "agent for openflow",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.5"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "6.5"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "protectier gateway for system z",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3379"
},
{
"model": "policy suite",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager session management edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "53000"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.5"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "websphere application server liberty pr",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4-"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.7"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5.1"
},
{
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "jazz reporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "abyp-2t-0s-2l-p-m",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager with openstack interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.3"
},
{
"model": "prime access registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "nexus series switches 7.3.1dx",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.4.3"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.2"
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "cloud object store",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(2.13900.9)"
},
{
"model": "lancope stealthwatch udp director",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.7.3"
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"model": "cloud manager with openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "89752"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1n",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "139116"
}
],
"trust": 0.4
},
"cve": "CVE-2016-2108",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-2108",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-2108",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2108",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2016-2108",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2108"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the \"negative zero\" issue. OpenSSL is prone to remote memory-corruption vulnerability. \nSuccessfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the application using the vulnerable library. Failed exploit attempts will result in denial-of-service conditions. \nFollowing product versions are affected:\nOpenSSL versions 1.0.2 prior to 1.0.2c\nOpenSSL versions 1.0.1 prior to 1.0.1o. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03756en_us\nVersion: 1\n\nHPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX\nrunning OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-06-05\nLast Updated: 2017-06-05\n\nPotential Security Impact: Remote: Denial of Service (DoS), Disclosure of\nSensitive Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities with OpenSSL have been addressed for HPE\nnetwork products including Comware 7, iMC, and VCX. The vulnerabilities could\nbe remotely exploited resulting in Denial of Service (DoS) or disclosure of\nsensitive information. \n\nReferences:\n\n - CVE-2016-2105 - Remote Denial of Service (DoS)\n - CVE-2016-2106 - Remote Denial of Service (DoS)\n - CVE-2016-2107 - Remote disclosure of sensitive information\n - CVE-2016-2108 - Remote Denial of Service (DoS)\n - CVE-2016-2109 - Remote Denial of Service (DoS)\n - CVE-2016-2176 - Remote Denial of Service (DoS)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - VCX Products All versions - Please refer to the RESOLUTION below for a\nlist of updated products. \n - Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION\nbelow for a list of updated products. \n - HP Intelligent Management Center (iMC) All versions - Please refer to the\nRESOLUTION below for a list of updated products. \n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2016-2105\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2106\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2107\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n CVE-2016-2108\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-2109\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\n CVE-2016-2176\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\n 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates available to resolve the\nvulnerabilities in the Comware 7, iMC and VCX products running OpenSSL. \n\n**COMWARE 7 Products**\n\n + 12500 (Comware 7) - Version: R7377P02\n * HP Network Products\n - JC072B HP 12500 Main Processing Unit\n - JC085A HP A12518 Switch Chassis\n - JC086A HP A12508 Switch Chassis\n - JC652A HP 12508 DC Switch Chassis\n - JC653A HP 12518 DC Switch Chassis\n - JC654A HP 12504 AC Switch Chassis\n - JC655A HP 12504 DC Switch Chassis\n - JF430A HP A12518 Switch Chassis\n - JF430B HP 12518 Switch Chassis\n - JF430C HP 12518 AC Switch Chassis\n - JF431A HP A12508 Switch Chassis\n - JF431B HP 12508 Switch Chassis\n - JF431C HP 12508 AC Switch Chassis\n - JG497A HP 12500 MPU w/Comware V7 OS\n - JG782A HP FF 12508E AC Switch Chassis\n - JG783A HP FF 12508E DC Switch Chassis\n - JG784A HP FF 12518E AC Switch Chassis\n - JG785A HP FF 12518E DC Switch Chassis\n - JG802A HP FF 12500E MPU\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 10500 (Comware 7) - Version: R7184\n * HP Network Products\n - JC611A HP 10508-V Switch Chassis\n - JC612A HP 10508 Switch Chassis\n - JC613A HP 10504 Switch Chassis\n - JC748A HP 10512 Switch Chassis\n - JG608A HP FlexFabric 11908-V Switch Chassis\n - JG609A HP FlexFabric 11900 Main Processing Unit\n - JG820A HP 10504 TAA Switch Chassis\n - JG821A HP 10508 TAA Switch Chassis\n - JG822A HP 10508-V TAA Switch Chassis\n - JG823A HP 10512 TAA Switch Chassis\n - JG496A HP 10500 Type A MPU w/Comware v7 OS\n - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System\nMain Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5900/5920 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JC772A HP 5900AF-48XG-4QSFP+ Switch\n - JG296A HP 5920AF-24XG Switch\n - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n - JG555A HP 5920AF-24XG TAA Switch\n - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR1000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG875A HP MSR1002-4 AC Router\n - JH060A HP MSR1003-8S AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR2000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG411A HP MSR2003 AC Router\n - JG734A HP MSR2004-24 AC Router\n - JG735A HP MSR2004-48 Router\n - JG866A HP MSR2003 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR3000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG404A HP MSR3064 Router\n - JG405A HP MSR3044 Router\n - JG406A HP MSR3024 AC Router\n - JG407A HP MSR3024 DC Router\n - JG408A HP MSR3024 PoE Router\n - JG409A HP MSR3012 AC Router\n - JG410A HP MSR3012 DC Router\n - JG861A HP MSR3024 TAA-compliant AC Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + MSR4000 (Comware 7) - Version: R0306P52\n * HP Network Products\n - JG402A HP MSR4080 Router Chassis\n - JG403A HP MSR4060 Router Chassis\n - JG412A HP MSR4000 MPU-100 Main Processing Unit\n - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + VSR (Comware 7) - Version: E0324\n * HP Network Products\n - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7900 (Comware 7) - Version: R2152\n * HP Network Products\n - JG682A HP FlexFabric 7904 Switch Chassis\n - JG841A HP FlexFabric 7910 Switch Chassis\n - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130 (Comware 7) - Version: R3115\n * HP Network Products\n - JG932A HP 5130-24G-4SFP+ EI Switch\n - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n - JG934A HP 5130-48G-4SFP+ EI Switch\n - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6125XLG - Version: R2422P02\n * HP Network Products\n - 711307-B21 HP 6125XLG Blade Switch\n - 737230-B21 HP 6125XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 6127XLG - Version: R2422P02\n * HP Network Products\n - 787635-B21 HP 6127XLG Blade Switch Opt Kit\n - 787635-B22 HP 6127XLG Blade Switch with TAA\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + Moonshot - Version: R2432\n * HP Network Products\n - 786617-B21 - HP Moonshot-45Gc Switch Module\n - 704654-B21 - HP Moonshot-45XGc Switch Module\n - 786619-B21 - HP Moonshot-180XGc Switch Module\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5700 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5930 (Comware 7) - Version: R2422P02\n * HP Network Products\n - JG726A HP FlexFabric 5930 32QSFP+ Switch\n - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n - JH179A HP FlexFabric 5930 4-slot Switch\n - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 1950 (Comware 7) - Version: R3115\n * HP Network Products\n - JG960A HP 1950-24G-4XG Switch\n - JG961A HP 1950-48G-2SFP+-2XGT Switch\n - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 7500 (Comware 7) - Version: R7184\n * HP Network Products\n - JD238C HP 7510 Switch Chassis\n - JD239C HP 7506 Switch Chassis\n - JD240C HP 7503 Switch Chassis\n - JD242C HP 7502 Switch Chassis\n - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only\nMain Processing Unit\n - JH208A HP 7502 Main Processing Unit\n - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port\n40GbE QSFP+ Main Processing Unit\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5510HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch\n - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch\n - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch\n - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch\n - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5130HI (Comware 7) - Version: R1120P10\n * HP Network Products\n - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch\n - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch\n - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch\n - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5940 - Version: R2509\n * HP Network Products\n - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch\n - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch\n - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch\n - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch\n - JH396A HPE FlexFabric 5940 32QSFP+ Switch\n - JH397A HPE FlexFabric 5940 2-slot Switch\n - JH398A HPE FlexFabric 5940 4-slot Switch\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n + 5950 - Version: R6123\n * HP Network Products\n - JH321A HPE FlexFabric 5950 32QSFP28 Switch\n - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch\n - JH404A HPE FlexFabric 5950 4-slot Switch\n + 12900E (Comware 7) - Version: R2609\n * HP Network Products\n - JG619A HP FlexFabric 12910 Switch AC Chassis\n - JG621A HP FlexFabric 12910 Main Processing Unit\n - JG632A HP FlexFabric 12916 Switch AC Chassis\n - JG634A HP FlexFabric 12916 Main Processing Unit\n - JH104A HP FlexFabric 12900E Main Processing Unit\n - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n - JH263A HP FlexFabric 12904E Main Processing Unit\n - JH255A HP FlexFabric 12908E Switch Chassis\n - JH262A HP FlexFabric 12904E Switch Chassis\n - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n - JH103A HP FlexFabric 12916E Switch Chassis\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**iMC Products**\n\n + iNode PC 7.2 (E0410) - Version: 7.2 E0410\n * HP Network Products\n - JD144A HP A-IMC User Access Management Software Module with 200-user\nLicense\n - JD147A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JD435A HP A-IMC Endpoint Admission Defense Client Software\n - JF388A HP IMC User Authentication Management Software Module with\n200-user License\n - JF388AAE HP IMC User Authentication Management Software Module with\n200-user E-LTU\n - JF391A HP IMC Endpoint Admission Defense Software Module with\n200-user License\n - JF391AAE HP IMC Endpoint Admission Defense Software Module with\n200-user E-LTU\n - JG752AAE HP IMC User Access Manager Software Module with 50-user\nE-LTU\n - JG754AAE) HP IMC Endpoint Admission Defense Software Module with\n50-user E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n + iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409\n * HP Network Products\n - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE\n - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU\n - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU\n - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC\n - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU\n - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU\n * CVEs\n - CVE-2016-2106\n - CVE-2016-2109\n - CVE-2016-2176\n\n\n**VCX Products**\n\n + VCX - Version: 9.8.19\n * HP Network Products\n - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr\n - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr\n - JC517A HP VCX V7205 Platform w/DL 360 G6 Server\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JC516A HP VCX V7005 Platform w/DL 120 G6 Server\n - JC518A HP VCX Connect 200 Primry 120 G6 Server\n - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr\n - JE341A HP VCX Connect 100 Secondary\n - JE252A HP VCX Connect Primary MIM Module\n - JE253A HP VCX Connect Secondary MIM Module\n - JE254A HP VCX Branch MIM Module\n - JE355A HP VCX V6000 Branch Platform 9.0\n - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod\n - JD023A HP MSR30-40 Router with VCX MIM Module\n - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM\n - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod\n - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod\n - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod\n - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS\n - JE340A HP VCX Connect 100 Pri Server 9.0\n - JE342A HP VCX Connect 100 Sec Server 9.0\n * CVEs\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2176\n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 2 June 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. Additionally, a time based side-channel\nattack may allow a local attacker to recover a private DSA key. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1t-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1t-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1t-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1t-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2h-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2h-i586-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 packages:\n033bd9509aeb07712e6bb3adf89c18e4 openssl-1.0.1t-i486-1_slack14.0.txz\n9e91d781e33f7af80cbad08b245e84ed openssl-solibs-1.0.1t-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\ne5c77ec16e3f2fcb2f1d53d84a6ba951 openssl-1.0.1t-x86_64-1_slack14.0.txz\n2de7b6196a905233036d7f38008984bd openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n96dcae05ae2f585c30de852a55eb870f openssl-1.0.1t-i486-1_slack14.1.txz\n59618b061e62fd9d73ba17df7626b2e7 openssl-solibs-1.0.1t-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n3d5ebfce099917703d537ab603e58a9b openssl-1.0.1t-x86_64-1_slack14.1.txz\nbf3a6bbdbe835dd2ce73333822cc9f06 openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n4889a10c5f3aa7104167c7d50eedf7ea a/openssl-solibs-1.0.2h-i586-1.txz\n8e3439f35c3cb4e11ca64eebb238a52f n/openssl-1.0.2h-i586-1.txz\n\nSlackware x86_64 -current packages:\nb4a852bb7e86389ec228288ccb7e79bb a/openssl-solibs-1.0.2h-x86_64-1.txz\nbcf9dc7bb04173f002644e3ce33ab4ab n/openssl-1.0.2h-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1t-i486-1_slack14.1.txz openssl-solibs-1.0.1t-i486-1_slack14.1.txz \n\nThen, reboot the machine or restart any network services that use OpenSSL. \n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. Description:\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7. \n\nThis release includes bug fixes and enhancements, as well as a new release\nof OpenSSL that addresses a number of outstanding security flaws. For\nfurther information, see the knowledge base article linked to in the\nReferences section. The JBoss server process must be restarted for the update\nto take effect. \n(CVE-2016-2108)\n\n* Multiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode\ndifferently from an HTTP proxy software in front of it, possibly leading to\nHTTP request smuggling attacks. (CVE-2015-3195)\n\n* A flaw was found in the way the TLS protocol composes the Diffie-Hellman\nexchange (for both export and non-export grade cipher suites). An attacker\ncould use this flaw to downgrade a DHE connection to use export-grade key\nsizes, which could then be broken by sufficient pre-computation. This can\nlead to a passive man-in-the-middle attack in which the attacker is able to\ndecrypt all traffic. (CVE-2016-2106)\n\n* It was discovered that it is possible to remotely Segfault Apache http\nserver with a specially crafted string sent to the mod_cluster via service\nmessages (MCMP). (CVE-2016-2109)\n\n* It was discovered that specifying configuration with a JVMRoute path\nlonger than 80 characters will cause segmentation fault leading to a server\ncrash. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:0722-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0722.html\nIssue date: 2016-05-09\nCVE Names: CVE-2016-0799 CVE-2016-2105 CVE-2016-2106 \n CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 \n CVE-2016-2842 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* A flaw was found in the way OpenSSL encoded certain ASN.1 data\nstructures. An attacker could use this flaw to create a specially crafted\ncertificate which, when verified or re-encoded by OpenSSL, could cause it\nto crash, or execute arbitrary code using the permissions of the user\nrunning an application compiled against the OpenSSL library. \n(CVE-2016-2108)\n\n* Two integer overflow flaws, leading to buffer overflows, were found in\nthe way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL\nparsed very large amounts of input data. \n(CVE-2016-2105, CVE-2016-2106)\n\n* It was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when the connection used the\nAES CBC cipher suite and the server supported AES-NI. A remote attacker\ncould possibly use this flaw to retrieve plain text from encrypted packets\nby using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107)\n\n* Several flaws were found in the way BIO_*printf functions were\nimplemented in OpenSSL. Applications which passed large amounts of\nuntrusted data through these functions could crash or potentially execute\ncode with the permissions of the user running such an application. \n(CVE-2016-0799, CVE-2016-2842)\n\n* A denial of service flaw was found in the way OpenSSL parsed certain\nASN.1-encoded data from BIO (OpenSSL\u0027s I/O abstraction) inputs. An\napplication using OpenSSL that accepts untrusted ASN.1 BIO input could be\nforced to allocate an excessive amount of data. (CVE-2016-2109)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2016-2108, CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,\nand CVE-2016-0799. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat),\nHanno B\u00f6ck, and David Benjamin (Google) as the original reporters of\nCVE-2016-2108; Guido Vranken as the original reporter of CVE-2016-2842,\nCVE-2016-2105, CVE-2016-2106, and CVE-2016-0799; and Juraj Somorovsky as\nthe original reporter of CVE-2016-2107. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions\n1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds\n1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data\n1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder\n1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check\n1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow\n1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.5.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.5.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.5.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.5.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.5.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0799\nhttps://access.redhat.com/security/cve/CVE-2016-2105\nhttps://access.redhat.com/security/cve/CVE-2016-2106\nhttps://access.redhat.com/security/cve/CVE-2016-2107\nhttps://access.redhat.com/security/cve/CVE-2016-2108\nhttps://access.redhat.com/security/cve/CVE-2016-2109\nhttps://access.redhat.com/security/cve/CVE-2016-2842\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXMFlTXlSAg2UNWIIRAhYAAJ0T9Ib2vXUa5te34i6fphHrbe0HlwCfePy5\nWjaK8x9OaI0FgbWyfxvwq6o=\n=jHjh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce. 6.7) - i386, ppc64, s390x, x86_64\n\n3. \n\nA security vulnerability in QEMU was addressed by HPE Helion OpenStack. The\nvulnerability could be exploited resulting in local unauthorized data access. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update\n2016-004\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 is now\navailable and addresses the following:\n\napache_mod_php\nAvailable for: \nOS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in PHP versions prior to\n5.5.36. These were addressed by updating PHP to version 5.5.36. \nCVE-2016-4650\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An out-of-bounds read was addressed through improved\ninput validation. \nCVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted audio file may lead to the\ndisclosure of user information\nDescription: An out-of-bounds read was addressed through improved\nbounds checking. \nCVE-2016-4646 : Steven Seeley of Source Incite working with Trend\nMicro\u0027s Zero Day Initiative\n\nAudio\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro\n\nbsdiff\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow existed in bspatch. This issue was\naddressed through improved bounds checking. \nCVE-2014-9862 : an anonymous researcher\n\nCFNetwork\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to view sensitive user information\nDescription: A permissions issue existed in the handling of web\nbrowser cookies. This issue was addressed through improved\nrestrictions. \nCVE-2016-4645 : Abhinav Bansal of Zscaler Inc. \n\nCoreGraphics\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: A memory corruption issue was addressed through\nimproved memory handling. \nCVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nCoreGraphics\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to elevate privileges\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed through improved\ninput validation. \nCVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An attacker in a privileged network position may be able to\ncause a relayed call to continue transmitting audio while appearing\nas if the call terminated\nDescription: User interface inconsistencies existed in the handling\nof relayed calls. These issues were addressed through improved\nFaceTime display logic. \nCVE-2016-4635 : Martin Vigo\n\nGraphics Drivers\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4634 : Stefan Esser of SektionEins\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A memory consumption issue was addressed through\nimproved memory handling. \nCVE-2016-4632 : Evgeny Sidorov of Yandex\n\nImageIO\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nImageIO\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\nCVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com\n/vulnerability-reports)\n\nIntel Graphics Driver\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode with kernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4633 : an anonymous researcher\n\nIOHIDFamily\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-4626 : Stefan Esser of SektionEins\n\nIOSurface\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: A use-after-free was addressed through improved memory\nmanagement. \nCVE-2016-4625 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to execute arbitrary code with\nkernel privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1863 : Ian Beer of Google Project Zero\nCVE-2016-1864 : Ju Zhu of Trend Micro\nCVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a system denial of service\nDescription: A null pointer dereference was addressed through\nimproved input validation. \nCVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab\n(@keen_lab), Tencent\n\nlibc++abi\nAvailable for: OS X El Capitan v10.11 and later\nImpact: An application may be able to execute arbitrary code with\nroot privileges\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4621 : an anonymous researcher\n\nlibexpat\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing maliciously crafted XML may lead to unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-0718 : Gustavo Grieco\n\nLibreSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in LibreSSL before 2.2.7. These\nwere addressed by updating LibreSSL to version 2.2.7. \nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand,\nIan Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: An access issue existed in the parsing of maliciously\ncrafted XML files. This issue was addressed through improved input\nvalidation. \nCVE-2016-4449 : Kostya Serebryany\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxml2\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological\nUniversity\nCVE-2016-4448 : Apple\nCVE-2016-4483 : Gustavo Grieco\nCVE-2016-4614 : Nick Wellnhofe\nCVE-2016-4615 : Nick Wellnhofer\nCVE-2016-4616 : Michael Paddon\nCVE-2016-4619 : Hanno Boeck\n\nlibxslt\nAvailable for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,\nand OS X El Capitan v10.11 and later\nImpact: Multiple vulnerabilities in libxslt\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-1684 : Nicolas GrA(c)goire\nCVE-2016-4607 : Nick Wellnhofer\nCVE-2016-4608 : Nicolas GrA(c)goire\nCVE-2016-4609 : Nick Wellnhofer\nCVE-2016-4610 : Nick Wellnhofer\nCVE-2016-4612 : Nicolas GrA(c)goire\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to compromise of user information\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to execute arbitrary\ncode leading to the compromise of user information\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local user may be able to cause a denial of service\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nLogin Window\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A malicious application may be able to gain root privileges\nDescription: A type confusion issue was addressed through improved\nmemory handling. \nCVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend\nMicro\u0027s Zero Day Initiative\n\nOpenSSL\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A remote attacker may be able to execute arbitrary code\nDescription: Multiple issues existed in OpenSSL. These issues were resolved by backporting the fixes from OpenSSL 1.0.2h/1.0.1 to OpenSSL 0.9.8. \nCVE-2016-2105 : Guido Vranken\nCVE-2016-2106 : Guido Vranken\nCVE-2016-2107 : Juraj Somorovsky\nCVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero\nCVE-2016-2109 : Brian Carpenter\nCVE-2016-2176 : Guido Vranken\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted FlashPix Bitmap Image may\nlead to unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues were addressed\nthrough improved memory handling. \nCVE-2016-4596 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4597 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4600 : Ke Liu of Tencent\u0027s Xuanwu Lab\nCVE-2016-4602 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4598 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted SGI file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4601 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nQuickTime\nAvailable for: OS X El Capitan v10.11 and later\nImpact: Processing a maliciously crafted Photoshop document may lead\nto unexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed through\nimproved input validation. \nCVE-2016-4599 : Ke Liu of Tencent\u0027s Xuanwu Lab\n\nSafari Login AutoFill\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A user\u0027s password may be visible on screen\nDescription: An issue existed in Safari\u0027s password auto-fill. This\nissue was addressed through improved matching of form fields. \nCVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD\n\nSandbox Profiles\nAvailable for: OS X El Capitan v10.11 and later\nImpact: A local application may be able to access the process list\nDescription: An access issue existed with privileged API calls. This\nissue was addressed through additional restrictions. \nCVE-2016-4594 : Stefan Esser of SektionEins\n\nNote: OS X El Capitan 10.11.6 includes the security content of Safari\n9.1.2. For further details see https://support.apple.com/kb/HT206900\n\n\nOS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y\n+cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy\npSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV\nxj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u\nwevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN\nZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k\nah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk\nmmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC\nJM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc\n55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs\nxPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5\nYozOGPQFmX0OviWCQsX6\n=ng+m\n-----END PGP SIGNATURE-----\n. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update)",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2108"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"db": "BID",
"id": "89752"
},
{
"db": "VULMON",
"id": "CVE-2016-2108"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137206"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137353"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2108",
"trust": 3.3
},
{
"db": "BID",
"id": "89752",
"trust": 1.4
},
{
"db": "PACKETSTORM",
"id": "136912",
"trust": 1.2
},
{
"db": "PULSESECURE",
"id": "SA40202",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.1
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-18",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1035721",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU93163809",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94844193",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002475",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2108",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139115",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136937",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137206",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137353",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137958",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139116",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2108"
},
{
"db": "BID",
"id": "89752"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137206"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137353"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"id": "VAR-201605-0078",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.405729735
},
"last_update_date": "2024-06-12T20:06:13.420000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android Security Bulletin-July 2016",
"trust": 0.8,
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"title": "APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht206903"
},
{
"title": "HT206903",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht206903"
},
{
"title": "HPSBGN03620",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05164862"
},
{
"title": "HPSBGN03610",
"trust": 0.8,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05149345"
},
{
"title": "SB10160",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10160"
},
{
"title": "NV16-015",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv16-015.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "Fix encoding bug in i2c_ASN1_INTEGER",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=3661bb4e7934668bd99ca777ea8b30eedfafa871"
},
{
"title": "Fix ASN1_INTEGER handling.",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27"
},
{
"title": "Memory corruption in the ASN.1 encoder (CVE-2016-2108)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"title": "Oracle Linux Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"title": "Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"title": "RHSA-2016:0722",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"title": "RHSA-2016:0996",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"title": "SA40202",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "TLSA-2016-14",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-14j.html"
},
{
"title": "\u30b5\u30fc\u30d0\u30fb\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u88fd\u54c1\u306b\u304a\u3051\u308bOpenSSL\u306e\u8106\u5f31\u6027(CVE-2016-2108)\u306b\u3088\u308b\u5f71\u97ff\u306b\u3064\u3044\u3066 (hitachi-sec-2016-201)",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/products/it/server/security/info/vulnerable/openssl_cve2016-2108.html"
},
{
"title": "HS16-023",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs16-023/index.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/05/03/openssl_patches/"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20170194 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20170193 - security advisory"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162073 - security advisory"
},
{
"title": "Red Hat: CVE-2016-2108",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2108"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2959-1"
},
{
"title": "Debian Security Advisories: DSA-3566-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=055972eb84483959232c972f757685e0"
},
{
"title": "Amazon Linux AMI: ALAS-2016-695",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-695"
},
{
"title": "Citrix Security Bulletins: Citrix XenServer 7.2 Multiple Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=b7259bee9307e075caf863b54947ad7b"
},
{
"title": "Citrix Security Bulletins: Citrix XenServer Multiple Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=c11f24ab4065121676cfe8313127856c"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20162957 - security advisory"
},
{
"title": "Symantec Security Advisories: SA123 : OpenSSL Vulnerabilities 3-May-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=5d65f6765e60e5fe9e6998a5bde1aadc"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=01fd01e3d154696ffabfde89f4142310"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-13"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=83bbd91f8369c8f064e6d68dac68400f"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=976a4da35d55283870dbb31b88a6c655"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=fb0fe6abcf6343f263d1cf5da183946c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=3a04485ebb79f7fbc2472bf9af5ce489"
},
{
"title": "Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-18"
},
{
"title": "Vuls simulator for Deep Security",
"trust": 0.1,
"url": "https://github.com/kn0630/vulssimulator_ds "
},
{
"title": "satellite-host-cve\nWhat does code do\nWhat versions does it work on\nPrerequisites\nHow to run your code\nExample Output\nKnown issues",
"trust": 0.1,
"url": "https://github.com/redhatsatellite/satellite-host-cve "
},
{
"title": "OpenSSL-CVE-lib",
"trust": 0.1,
"url": "https://github.com/chnzzh/openssl-cve-lib "
},
{
"title": "https://github.com/samreleasenotes/SamsungReleaseNotes",
"trust": 0.1,
"url": "https://github.com/samreleasenotes/samsungreleasenotes "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/android-security-bulletin-features-two-patch-levels/119056/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2108"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "https://www.openssl.org/news/secadv/20160503.txt"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0722.html"
},
{
"trust": 1.4,
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl"
},
{
"trust": 1.4,
"url": "http://support.citrix.com/article/ctx212736"
},
{
"trust": 1.2,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2017:0194"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2056.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2073.html"
},
{
"trust": 1.1,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05164862"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0996.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html"
},
{
"trust": 1.1,
"url": "https://support.apple.com/ht206903"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05149345"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/89752"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2016:1137"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/184605.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183457.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2959-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html"
},
{
"trust": 1.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.542103"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035721"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2016/dsa-3566"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183607.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa123"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00067\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05386804"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03726en_us"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20160504-0001/"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:0193"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2016-2957.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=3661bb4e7934668bd99ca777ea8b30eedfafa871"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2108"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu94844193/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93163809/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2108"
},
{
"trust": 0.8,
"url": "http://www.aratana.jp/security/detail.php?id=16"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2016-2108"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.4,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.4,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2109"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2106"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2105"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331402"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05149345"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05164862"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024078"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024319"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099464"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21989046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021361"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1137.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987903"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988007"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009281"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983158"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983909"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984323"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984446"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984609"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984794"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984920"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21984977"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986068"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986152"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986473"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986506"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986563"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986564"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986669"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987671"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987779"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987968"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988055"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988071"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988189"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988976"
},
{
"trust": 0.3,
"url": "https://gtacknowledge.extremenetworks.com/articles/vulnerability_notice/vn-2016-007-cve-2016-2108-negative-zero"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982814"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007982"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4459"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-4000"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3183"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-3110"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-4459"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3195"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2015-3183"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3110"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2107"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2842"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0799"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kn0630/vulssimulator_ds"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2959-1/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03756en_us"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-2055.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/6.4/index.html"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03765en_us"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-a00006123en_"
},
{
"trust": 0.1,
"url": "https://helion.hpwsportal.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3710"
},
{
"trust": 0.1,
"url": "http://docs.hpcloud.com/#helion/releasenotes215.html"
},
{
"trust": 0.1,
"url": "http://docs.hpcloud.com/#helion/installation/upgrade2x_to_215.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4601"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4449"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4596"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1863"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4582"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4595"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9862"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4448"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4602"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht206900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4594"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2108"
},
{
"db": "BID",
"id": "89752"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137206"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137353"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2108"
},
{
"db": "BID",
"id": "89752"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"db": "PACKETSTORM",
"id": "142803"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "136912"
},
{
"db": "PACKETSTORM",
"id": "139115"
},
{
"db": "PACKETSTORM",
"id": "136937"
},
{
"db": "PACKETSTORM",
"id": "143513"
},
{
"db": "PACKETSTORM",
"id": "137206"
},
{
"db": "PACKETSTORM",
"id": "139167"
},
{
"db": "PACKETSTORM",
"id": "137353"
},
{
"db": "PACKETSTORM",
"id": "137958"
},
{
"db": "PACKETSTORM",
"id": "139116"
},
{
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2108"
},
{
"date": "2016-05-03T00:00:00",
"db": "BID",
"id": "89752"
},
{
"date": "2016-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"date": "2017-06-05T18:18:00",
"db": "PACKETSTORM",
"id": "142803"
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056"
},
{
"date": "2016-05-04T14:53:10",
"db": "PACKETSTORM",
"id": "136912"
},
{
"date": "2016-10-12T20:28:07",
"db": "PACKETSTORM",
"id": "139115"
},
{
"date": "2016-05-09T14:05:44",
"db": "PACKETSTORM",
"id": "136937"
},
{
"date": "2017-07-26T17:44:00",
"db": "PACKETSTORM",
"id": "143513"
},
{
"date": "2016-05-26T14:44:00",
"db": "PACKETSTORM",
"id": "137206"
},
{
"date": "2016-10-18T13:58:46",
"db": "PACKETSTORM",
"id": "139167"
},
{
"date": "2016-06-08T13:16:00",
"db": "PACKETSTORM",
"id": "137353"
},
{
"date": "2016-07-19T19:45:20",
"db": "PACKETSTORM",
"id": "137958"
},
{
"date": "2016-10-12T23:44:55",
"db": "PACKETSTORM",
"id": "139116"
},
{
"date": "2016-05-05T01:59:04.230000",
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2108"
},
{
"date": "2016-10-10T00:14:00",
"db": "BID",
"id": "89752"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002475"
},
{
"date": "2023-11-07T02:30:56.157000",
"db": "NVD",
"id": "CVE-2016-2108"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "89752"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of ASN.1 Implementation of arbitrary code execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002475"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "89752"
}
],
"trust": 0.3
}
}
VAR-201703-0755
Vulnerability from variot - Updated: 2024-04-19 23:01The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. Apache Struts2 Contains a vulnerability that allows the execution of arbitrary code. Apache Struts2 In Jakarta Multipart parser A vulnerability exists in the execution of arbitrary code that could allow the execution of arbitrary code. The attack code for this vulnerability has been released.By processing a request crafted by a remote third party, arbitrary code could be executed with the privileges of the application. Apache Struts is prone to a remote code-execution vulnerability. Apache Struts 2.3.5 through 2.3.31 and 2.5 through 2.5.10 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03723en_us
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: hpesbhf03723en_us Version: 1
HPESBHF03723 rev.1 - HPE Aruba ClearPass Policy Manager, using Apache Struts, Remote Code Execution
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-03-29 Last Updated: 2017-03-29
Potential Security Impact: Remote: Code Execution
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified in HPE Aruba ClearPass Policy Manager.
Note: The ClearPass Policy Manager administrative Web interface is affected by the vulnerability. ClearPass Guest, Insight, and Graphite are NOT impacted.
References:
- CVE-2017-5638 - Apache Struts, remote code execution
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- Aruba ClearPass Policy Manager All versions prior to 6.6.5
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2017-5638
9.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
9.7 (AV:N/AC:L/Au:N/C:C/I:C/A:P)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE Aruba has provided hotfixes for ClearPass 6.6.5, 6.6.4, and 6.5.7. Use one of the following methods to install the appropriate hotfix:
Install the Hotfix Online Using the Software Updates Portal:
-
Open ClearPass Policy Manager and go to Administration - Agents and Software Updates - Software Updates.
-
In the Firmware and Patch Updates area, find the "ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638" or "ClearPass 6.6.4 Hotfix Patch for CVE-2017-5638" patch and click the Download button in its row.
-
Click Install.
-
When the installation is complete and the status is shown as "Needs Restart", proceed to restart ClearPass. After reboot, the status for the patch will be shown as Installed. The ClearPass Policy Manager version number will not change.
Installing the hotfix Offline Using the Patch File from support.arubanetworks.com:
-
Download the "ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638" or "ClearPass 6.6.4 Hotfix Patch for CVE-2017-5638" patch from the Support site.
-
Open the ClearPass Policy Manager Admin UI and go to Administration - Agents and Software Updates - Software Updates.
-
At the bottom of the Firmware and Patch Updates area, click Import Updates and browse to the downloaded patch file. The name and description once imported may differ from the name and remark on the support site as these were adjusted after posting. This is purely a cosmetic discrepancy.
-
Click Install.
-
When the installation is complete and the status is shown as Needs Restart, proceed to restart ClearPass. After reboot, the status for the patch will be shown as Installed. The ClearPass Policy Manager version number will not change.
Workarounds
Restrict access to the Policy Manager Admin Web Interface. This can be accomplished by navigating to Administration - Server Manager - Server Configuration - Server-Name - Network - Restrict Access and only allowing non-public or network management networks.
Note: Please contact HPE Technical Support if any assistance is needed acquiring the software updates.
HISTORY Version:1 (rev.1) - 29 March 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBCAAGBQJY3BR/AAoJELXhAxt7SZaiMW8H/0+jWL4Evk+KeqP7aYk1msGp 9ih3F2680VrHVsUbSzul3+svnaWTJUgRe7fUTvsh/Q6bx/Eo86yo8iXGjmzETLtY cTuQrHLySo55Pwua9+89V4e13QkRvQ/UmQPYDMPEk9L7wwU9OF0oCpXHQBuWnw07 mKLZ12HaZqM8vJXgwgJFH77Mf3r5TkGFHsrZ0M+2vvxioJIEfmWV/x4eqtvIy6zS C6CX1M9x4xD442XcFfnH0BHA9RL6LOeYngTPYR7IIycvzpqd8kOWunjs38+IJpFR g49ho/NddeZfDKdJcIdfJ+0f3x2h7FPiVadXu1PzdCckhFHkHmrSlVcRbQZ+1R8= =8ljI -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0755",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "struts",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "2.3.30"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "2.5.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "2.5.7"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "2.5.5"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "2.5.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "2.5.10"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.5.4"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.5.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.5.6"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.5.9"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.31"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.28"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.24"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.5"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.5.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.5"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.8"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.7"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.29"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.20"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.16"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.15"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.14"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "2.3.12"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.15.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.15.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.14.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.19"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.21"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.20.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.17"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.14.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.28.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.24.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.16.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.24.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.26"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.16.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.13"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.6"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.14.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.9"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.23"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.22"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.20.2"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.16.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.25"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.10"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.20.1"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.24.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.11"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.15.3"
},
{
"model": "struts",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.27"
},
{
"model": "struts",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.3.5 from 2.3.31"
},
{
"model": "struts",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.5 from 2.5.10"
},
{
"model": "esmpro/servermanager",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "6.10 to 6.16"
},
{
"model": "infoframe relational store",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "istorage",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "hs series 5.0.5"
},
{
"model": "staroffice x",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v4.0"
},
{
"model": "staroffice x",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v5.0"
},
{
"model": "staroffice x",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v5.1"
},
{
"model": "staroffice x",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v4.0"
},
{
"model": "staroffice x",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v5.0"
},
{
"model": "staroffice x",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v5.1"
},
{
"model": "webotx developer",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "\"(with developers studio) v9.3\""
},
{
"model": "webotx developer",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "\"(with developers studio) v9.4\""
},
{
"model": "hirdb",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "server version 9"
},
{
"model": "hirdb control manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- server version 9"
},
{
"model": "vrealize operations manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "vrealize hyperic",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "horizon desktop as-a-service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.0"
},
{
"model": "horizon desktop as-a-service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "webcenter sites",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.18.0"
},
{
"model": "webcenter sites",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.2.0"
},
{
"model": "webcenter sites",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.1.0"
},
{
"model": "webcenter sites",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.0.0"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.4"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.1"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "sterling selling and fulfillment foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.3.0"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "connections",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "smsgw v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smsgw v100r002c11",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smsgw v100r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "secospace antiddos8030 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "imanager neteco v600r007c91",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6000"
},
{
"model": "imanager neteco v600r007c90",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6000"
},
{
"model": "imanager neteco v600r007c80",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "6000"
},
{
"model": "imanager neteco v600r008c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "imanager neteco v600r008c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "imanager neteco v600r008c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "imanager neteco v600r007c60spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "imanager neteco v600r007c50",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "imanager neteco v600r007c11",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace ecs v300r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace ecs v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace ecs v200r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace ecs v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "universal cmdb foundation software cup5",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.22"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.16"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.15"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.14"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.13"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.12"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.10"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.50"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.02"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "server automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.00"
},
{
"model": "virtualized voice browser",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center enterprise live data server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager im \u0026 presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime service catalog appliance and virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration solution for contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "finesse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "hipchat server",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.0"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.11"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.10.1"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.9.5"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.9.4"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.9.3"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.9.2"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.9.1"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.9"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.8.8"
},
{
"model": "crowd",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.8.3"
},
{
"model": "bamboo",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.15"
},
{
"model": "bamboo",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.12"
},
{
"model": "bamboo",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.11"
},
{
"model": "bamboo",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.10"
},
{
"model": "bamboo",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.1"
},
{
"model": "bamboo",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.12.3.1"
},
{
"model": "bamboo",
"scope": "eq",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.11.4.1"
},
{
"model": "vcenter server 6.5b",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": null
},
{
"model": "sterling selling and fulfillment foundation 9.5.0-sfp2",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "sterling selling and fulfillment foundation 9.4.0-sfp3",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "sterling selling and fulfillment foundation 9.3.0-sfp5",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "sterling selling and fulfillment foundation sfp6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.1-"
},
{
"model": "sterling selling and fulfillment foundation sfp6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0-"
},
{
"model": "sterling selling and fulfillment foundation sfp6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0-"
},
{
"model": "virtualized voice browser su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "unity connection",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.1"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5(1)"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(2)"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3)"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "unified intelligence center es03",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5(1)"
},
{
"model": "unified contact center express su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "unified contact center enterprise live data server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-11.5(1)"
},
{
"model": "unified contact center enterprise live data server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-11.0(2)"
},
{
"model": "unified contact center enterprise live data server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-10.5(3)"
},
{
"model": "unified contact center enterprise live data server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-10.0(2)"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5(1)"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(2)"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3)"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "socialminer su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "prime license manager 11.5 su1a",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mediasense",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "hosted collaboration solution for contact center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5(1)"
},
{
"model": "hosted collaboration solution for contact center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(2)"
},
{
"model": "hosted collaboration solution for contact center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(3)"
},
{
"model": "hosted collaboration solution for contact center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0(2)"
},
{
"model": "finesse es2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "hipchat server",
"scope": "ne",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.2.2"
},
{
"model": "crowd",
"scope": "ne",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.11.1"
},
{
"model": "crowd",
"scope": "ne",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.10.3"
},
{
"model": "crowd",
"scope": "ne",
"trust": 0.3,
"vendor": "atlassian",
"version": "2.9.7"
},
{
"model": "bamboo",
"scope": "ne",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.15.3"
},
{
"model": "bamboo",
"scope": "ne",
"trust": 0.3,
"vendor": "atlassian",
"version": "5.14.5"
},
{
"model": "struts",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.5.10.1"
},
{
"model": "struts",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.3.32"
}
],
"sources": [
{
"db": "BID",
"id": "96729"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-152"
},
{
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:struts:2.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nike Zheng",
"sources": [
{
"db": "BID",
"id": "96729"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5638",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-5638",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5638",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5638",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-152",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2017-5638",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-5638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-152"
},
{
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. Apache Struts2 Contains a vulnerability that allows the execution of arbitrary code. Apache Struts2 In Jakarta Multipart parser A vulnerability exists in the execution of arbitrary code that could allow the execution of arbitrary code. The attack code for this vulnerability has been released.By processing a request crafted by a remote third party, arbitrary code could be executed with the privileges of the application. Apache Struts is prone to a remote code-execution vulnerability. \nApache Struts 2.3.5 through 2.3.31 and 2.5 through 2.5.10 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03723en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03723en_us\nVersion: 1\n\nHPESBHF03723 rev.1 - HPE Aruba ClearPass Policy Manager, using Apache Struts,\nRemote Code Execution\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-03-29\nLast Updated: 2017-03-29\n\nPotential Security Impact: Remote: Code Execution\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified in HPE Aruba ClearPass\nPolicy Manager. \n\n**Note:** The ClearPass Policy Manager administrative Web interface is\naffected by the vulnerability. ClearPass Guest, Insight, and Graphite are NOT\nimpacted. \n\nReferences:\n\n - CVE-2017-5638 - Apache Struts, remote code execution\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - Aruba ClearPass Policy Manager All versions prior to 6.6.5\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2017-5638\n 9.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L\n 9.7 (AV:N/AC:L/Au:N/C:C/I:C/A:P)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE Aruba has provided hotfixes for ClearPass 6.6.5, 6.6.4, and 6.5.7. Use\none of the following methods to install the appropriate hotfix:\n\nInstall the Hotfix Online Using the Software Updates Portal:\n \n 1. Open ClearPass Policy Manager and go to Administration - Agents and\nSoftware\n Updates - Software Updates. \n \n 2. In the Firmware and Patch Updates area, find the \"ClearPass 6.5.7\nHotfix\n Patch for CVE-2017-5638\" or \"ClearPass 6.6.4 Hotfix Patch for\nCVE-2017-5638\"\n patch and click the Download button in its row. \n \n 3. Click Install. \n \n 4. When the installation is complete and the status is shown as \"Needs\n Restart\", proceed to restart ClearPass. After reboot, the status for the\n patch will be shown as Installed. The ClearPass Policy Manager version\n number will not change. \n\n \nInstalling the hotfix Offline Using the Patch File from\nsupport.arubanetworks.com:\n \n 1. Download the \"ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638\" or\n \"ClearPass 6.6.4 Hotfix Patch for CVE-2017-5638\" patch from the Support\nsite. \n \n 2. Open the ClearPass Policy Manager Admin UI and go to Administration -\n Agents and Software Updates - Software Updates. \n 3. At the bottom of the Firmware and Patch Updates area, click Import\nUpdates\n and browse to the downloaded patch file. The name and description once\n imported may differ from the name and remark on the support site\n as these were adjusted after posting. This is purely a cosmetic\ndiscrepancy. \n \n 4. Click Install. \n \n 5. When the installation is complete and the status is shown as Needs\nRestart,\n proceed to restart ClearPass. After reboot, the status for the patch will\n be shown as Installed. The ClearPass Policy Manager version number will\n not change. \n\n\nWorkarounds\n- ----------- \nRestrict access to the Policy Manager Admin Web Interface. This can be\naccomplished by navigating to Administration - Server Manager -\nServer Configuration - Server-Name - Network - Restrict Access and\nonly allowing non-public or network management networks. \n\n**Note:** Please contact HPE Technical Support if any assistance is needed\nacquiring the software updates. \n\nHISTORY\nVersion:1 (rev.1) - 29 March 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQEcBAEBCAAGBQJY3BR/AAoJELXhAxt7SZaiMW8H/0+jWL4Evk+KeqP7aYk1msGp\n9ih3F2680VrHVsUbSzul3+svnaWTJUgRe7fUTvsh/Q6bx/Eo86yo8iXGjmzETLtY\ncTuQrHLySo55Pwua9+89V4e13QkRvQ/UmQPYDMPEk9L7wwU9OF0oCpXHQBuWnw07\nmKLZ12HaZqM8vJXgwgJFH77Mf3r5TkGFHsrZ0M+2vvxioJIEfmWV/x4eqtvIy6zS\nC6CX1M9x4xD442XcFfnH0BHA9RL6LOeYngTPYR7IIycvzpqd8kOWunjs38+IJpFR\ng49ho/NddeZfDKdJcIdfJ+0f3x2h7FPiVadXu1PzdCckhFHkHmrSlVcRbQZ+1R8=\n=8ljI\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"db": "BID",
"id": "96729"
},
{
"db": "VULMON",
"id": "CVE-2017-5638"
},
{
"db": "PACKETSTORM",
"id": "142055"
},
{
"db": "PACKETSTORM",
"id": "141863"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41570",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-5638"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5638",
"trust": 3.0
},
{
"db": "CERT/CC",
"id": "VU#834067",
"trust": 2.7
},
{
"db": "BID",
"id": "96729",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "41614",
"trust": 1.6
},
{
"db": "EXPLOIT-DB",
"id": "41570",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1037973",
"trust": 1.6
},
{
"db": "LENOVO",
"id": "LEN-14200",
"trust": 1.6
},
{
"db": "PACKETSTORM",
"id": "141494",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU93610402",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001621",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-152",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-5638",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142055",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141863",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-5638"
},
{
"db": "BID",
"id": "96729"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"db": "PACKETSTORM",
"id": "142055"
},
{
"db": "PACKETSTORM",
"id": "141863"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-152"
},
{
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"id": "VAR-201703-0755",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5
},
"last_update_date": "2024-04-19T23:01:51.687000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WW-3025",
"trust": 0.8,
"url": "https://issues.apache.org/jira/browse/ww-3025"
},
{
"title": "Alternate Libraries",
"trust": 0.8,
"url": "https://cwiki.apache.org/confluence/display/ww/file+upload#fileupload-alternatelibraries"
},
{
"title": "S2-045: Possible Remote Code Execution when performing file upload based on Jakarta Multipart parser.",
"trust": 0.8,
"url": "https://struts.apache.org/docs/s2-045.html"
},
{
"title": "Uses default error key if specified key doesn\u0027t exist (3523064)",
"trust": 0.8,
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"
},
{
"title": "Uses default error key if specified key doesn\u0027t exist (6b8272c)",
"trust": 0.8,
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"
},
{
"title": "Content-Type: Malicious - New Apache Struts2 0-day Under Attack",
"trust": 0.8,
"url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
},
{
"title": "hitachi-sec-2017-110",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-110/index.html"
},
{
"title": "NV17-013",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-013.html"
},
{
"title": "hitachi-sec-2017-110",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2017-110/index.html"
},
{
"title": "Veritas NetBackup: \u4efb\u610f\u306e\u30b3\u30de\u30f3\u30c9\u304c\u5b9f\u884c\u3055\u308c\u308b\u8106\u5f31\u6027(CVE-2017-5638) (2017\u5e749\u67081\u65e5)",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/veritas201712.html"
},
{
"title": "Apache Struts 2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67948"
},
{
"title": "Cisco: Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20170310-struts2"
},
{
"title": "CVE-2017-5638",
"trust": 0.1,
"url": "https://github.com/readloud/cve-2017-5638 "
},
{
"title": "cve-2017-5638",
"trust": 0.1,
"url": "https://github.com/jrrdev/cve-2017-5638 "
},
{
"title": "apache-struts-v2-CVE-2017-5638",
"trust": 0.1,
"url": "https://github.com/cafnet/apache-struts-v2-cve-2017-5638 "
},
{
"title": "struts-vulnerability-demo",
"trust": 0.1,
"url": "https://github.com/corpbob/struts-vulnerability-demo "
},
{
"title": "struts2_cve-2017-5638",
"trust": 0.1,
"url": "https://github.com/m3ssap0/struts2_cve-2017-5638 "
},
{
"title": "struts-rce-cve-2017-5638",
"trust": 0.1,
"url": "https://github.com/riyazwalikar/struts-rce-cve-2017-5638 "
},
{
"title": "equifax-data-breach",
"trust": 0.1,
"url": "https://github.com/raul23/equifax-data-breach "
},
{
"title": "CVE-2017-5638",
"trust": 0.1,
"url": "https://github.com/colorblindpentester/cve-2017-5638 "
},
{
"title": "struts2-rce",
"trust": 0.1,
"url": "https://github.com/sotudeko/struts2-rce "
},
{
"title": "vuln-struts2-vm",
"trust": 0.1,
"url": "https://github.com/evolvesecurity/vuln-struts2-vm "
},
{
"title": "Apache-Struts-2-CVE-2017-5638-Exploit",
"trust": 0.1,
"url": "https://github.com/dock0d1/apache-struts-2-cve-2017-5638-exploit "
},
{
"title": "struts2-rce",
"trust": 0.1,
"url": "https://github.com/rjd3/struts2-rce "
},
{
"title": "Struts2-045-RCE",
"trust": 0.1,
"url": "https://github.com/rayscri/struts2-045-rce "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-5638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-152"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://www.kb.cert.org/vuls/id/834067"
},
{
"trust": 1.9,
"url": "https://github.com/rapid7/metasploit-framework/issues/8064"
},
{
"trust": 1.9,
"url": "https://cwiki.apache.org/confluence/display/ww/s2-045"
},
{
"trust": 1.6,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-002.txt"
},
{
"trust": 1.6,
"url": "https://cwiki.apache.org/confluence/display/ww/s2-046"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/96729"
},
{
"trust": 1.6,
"url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
},
{
"trust": 1.6,
"url": "https://www.symantec.com/security-center/network-protection-security-advisories/sa145"
},
{
"trust": 1.6,
"url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
},
{
"trust": 1.6,
"url": "https://exploit-db.com/exploits/41570"
},
{
"trust": 1.6,
"url": "https://packetstormsecurity.com/files/141494/s2-45-poc.py.txt"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.6,
"url": "https://github.com/mazen160/struts-pwn"
},
{
"trust": 1.6,
"url": "https://support.lenovo.com/us/en/product_security/len-14200"
},
{
"trust": 1.6,
"url": "https://struts.apache.org/docs/s2-046.html"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03733en_us"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03723en_us"
},
{
"trust": 1.6,
"url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
},
{
"trust": 1.6,
"url": "https://twitter.com/theog150/status/841146956135124993"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbgn03749en_us"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/41614/"
},
{
"trust": 1.6,
"url": "https://struts.apache.org/docs/s2-045.html"
},
{
"trust": 1.6,
"url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
},
{
"trust": 1.6,
"url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1037973"
},
{
"trust": 1.6,
"url": "https://isc.sans.edu/diary/22169"
},
{
"trust": 1.6,
"url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
},
{
"trust": 1.0,
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3ba=commit%3bh=352306493971e7d5a756d61780d57a76eb1f519a"
},
{
"trust": 1.0,
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3ba=commit%3bh=6b8272ce47160036ed120a48345d9aa884477228"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3cannounce.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3cannounce.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3cannounce.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5638"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20170308-struts.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2017/at170009.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93610402/index.html"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5638"
},
{
"trust": 0.6,
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3cannounce.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3cannounce.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3cannounce.apache.org%3e"
},
{
"trust": 0.6,
"url": "http-vuln-cve2017-5638.html"
},
{
"trust": 0.6,
"url": "https://nmap.org/nsedoc/scripts/"
},
{
"trust": 0.6,
"url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170316-01-struts2-cn"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbgn03733en_us"
},
{
"trust": 0.3,
"url": "http://www.apache.org/"
},
{
"trust": 0.3,
"url": "http://struts.apache.org/"
},
{
"trust": 0.3,
"url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2017-03-10-876857850.html"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430326"
},
{
"trust": 0.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170310-struts2"
},
{
"trust": 0.3,
"url": "https://confluence.atlassian.com/crowd/crowd-security-advisory-2017-03-10-876857916.html"
},
{
"trust": 0.3,
"url": "https://confluence.atlassian.com/display/hc/hipchat+server+security+advisory+2017-03-09"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbgn03749en_us"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20170313-01-struts2-en"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22000444"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22001736"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2017-0004.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5638"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03723en_us"
}
],
"sources": [
{
"db": "BID",
"id": "96729"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"db": "PACKETSTORM",
"id": "142055"
},
{
"db": "PACKETSTORM",
"id": "141863"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-152"
},
{
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-5638"
},
{
"db": "BID",
"id": "96729"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"db": "PACKETSTORM",
"id": "142055"
},
{
"db": "PACKETSTORM",
"id": "141863"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-152"
},
{
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-11T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5638"
},
{
"date": "2017-03-06T00:00:00",
"db": "BID",
"id": "96729"
},
{
"date": "2017-03-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"date": "2017-04-07T18:18:00",
"db": "PACKETSTORM",
"id": "142055"
},
{
"date": "2017-03-30T16:04:25",
"db": "PACKETSTORM",
"id": "141863"
},
{
"date": "2017-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-152"
},
{
"date": "2017-03-11T02:59:00.150000",
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5638"
},
{
"date": "2017-05-26T07:00:00",
"db": "BID",
"id": "96729"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001621"
},
{
"date": "2021-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-152"
},
{
"date": "2023-11-07T02:49:27.957000",
"db": "NVD",
"id": "CVE-2017-5638"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-152"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Struts2 Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001621"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "96729"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-152"
}
],
"trust": 0.9
}
}
VAR-201512-0395
Vulnerability from variot - Updated: 2024-04-19 19:46Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. EAP Controller for Linux lacks user authentication for RMI service commands, as well as utilizes an outdated vulnerable version of Apache commons-collections, which may allow an attacker to implement deserialization attacks and control the EAP Controller server. plural Cisco The serialized object interface of the product contains an arbitrary command execution vulnerability. http://cwe.mitre.org/data/definitions/502.htmlSkillfully crafted serialized by a third party Java An arbitrary command may be executed through the object. Apache Commons Collections (ACC) The library deserialization process is vulnerable. Java Application ACC When using the library directly or within the range accessible by specifying the class path ACC If a library is installed, arbitrary code may be executed. Apache Commons Collections (ACC) Library http://commons.apache.org/proper/commons-collections/ Deserialize untrusted data (CWE-502) 2015 Year 1 Held on the moon AppSec California 2015 In Gabriel Lawrence Mr. and Chris Frohoff He talked about a vulnerability that could deserialize untrusted data and showed that it could execute arbitrary code. Any use of the serialization function that is not appropriate Java Application or Java Libraries are affected by this vulnerability. Deserialize untrusted data (CWE-502) http://cwe.mitre.org/data/definitions/502.html Gabriel Lawrence Mr. and Chris Frohoff Mr. Lecture http://frohoff.github.io/appseccali-marshalling-pickles/ 2015 Year 11 A month Foxglove Security of Stephen Breen Mr. this problem Apache Commons Collections (ACC) Exist in the library, especially for deserializing untrusted data InvokerTransformer It was pointed out that arbitrary code could be executed when using classes. ACC Software that uses the library, WebSphere , Jenkins , WebLogic , OpenNMS Etc. are also affected. Foxglove Security of Stephen Breen Mr (What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.) http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ Jenkins https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 WebLogic http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html?elq_mid=31793&sh=&cmid=WWSU12091612MPP001C179 ACC Library version 3.2.1 , 4.0 Both are affected by this vulnerability. version 3.2.1 , 4.0 https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Apache Software Fondation Has posted an official view of the vulnerability on its blog. Here you can find advice on countermeasures and links to related information. In addition, entries related to this vulnerability (COLLECTIONS-580) Is built on a bug management system. Official view https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Entries related to this vulnerability (COLLECTIONS-580) https://issues.apache.org/jira/browse/COLLECTIONS-580 ACC other than, Groovy And Spring The same problem is being investigated for these issues. Lawrence Mr. and Frohoff In his presentation material, Java not only Python And Ruby It is stated that the same problem exists in applications and libraries written in the above. Regardless of the programming language or library used, it is important to fully consider the data serialization capabilities from the software design stage.Apache Commons Collections I'm using a library Java Application or Java Library is optional Java It may be possible to execute code. Also, ACC Even if the library is not used directly, it can be accessed by specifying the class path. ACC If the library exists, any Java It may be possible to execute code. Oracle WebLogic is an application server based on Java (J2EE) architecture of Oracle Corporation of the United States. Red Hat JBOSS is an open source J2EE-based application server from Red Hat. CloudBees Jenkins CI (formerly known as Hudson Labs) is a set of Java-based continuous integration tools developed by CloudBees. OpenNMS is a set of enterprise-level, Java / XML-based distributed network and system monitoring and management platform from the American OpenNMS company. It can extend or add Java collections framework. A remote command execution vulnerability exists in Java's deserialization process. A remote attacker can exploit this vulnerability by constructing an automatically executed code call chain to attach malicious code to user input and execute arbitrary Java functions or bytecode. The following products and versions are affected: JBoss Enterprise Application Platform 6.4.4, 5.2.0, 4.3.0_CP10, AS (Wildly) 6 and earlier, A-MQ 6.2.0, Fuse 6.2.0, SOA Platform (SOA-P) 5.3.1, Data Grid (JDG) 6.5.0, BRMS (BRMS) 6.1.0, BPMS (BPMS) 6.1.0, Data Virtualization (JDV) 6.1.0, Fuse Service Works (FSW) version 6.0.0, Enterprise Web Server (EWS) version 2.1, version 3.0, Jenkins version 1.555, WebSphere, WebLogic, OpenNMS. Apache Commons Collections(ACC)是美国阿帕奇(Apache)软件基金会的一个Apache Commons项目的Commons Proper(可重复利用Java组件库)中的组件,它可以扩展或增加Java集合框架.
多款Cisco产品的ACC库中使用的Java反序列化过程中存在安全漏洞。远程攻击者可通过提交特制的输入利用该漏洞执行任意代码。以下产品及版本受到影响:Cisco Digital Life RMS 1.8.1.1版本,Broadband Access Center Telco Wireless 3.8.1版本;SocialMiner,WebEx Meetings Server 1.x版本,2.x版本;NAC Agent for Windows;InTracer,Network Admission Control (NAC),Visual Quality Experience Server,Visual Quality Experience Tools Server;ASA CX and Cisco Prime Security Manager,Clean Access Manager,NAC Appliance (Clean Access Server),NAC Guest Server,NAC Server,Secure Access Control System (ACS);Access Registrar Appliance,Cloupia Unified Infrastructure Controller,Configuration Professional,Digital Media Manager,Insight Reporter,Prime Access Registrar Appliance,Prime Access Registrar,Prime Collaboration Provisioning,Prime Home,Prime LAN Management Solution (LMS - Solaris),Prime Optical for SPs,Prime Performance Manager,Prime Provisioning for SPs,Prime Provisioning,Prime Service Catalog Virtual Appliance,Security Manager,Data Center Analytics Framework (DCAF);Broadband Access Center Telco Wireless;Computer Telephony Integration Object Server (CTIOS),Hosted Collaboration Mediation Fulfillment,IM and Presence Service (CUPS),IP Interoperability and Collaboration System (IPICS),Management Heartbeat Server,MediaSense,MeetingPlace,Unified Communications Manager (UCM),Unified Communications Manager Session Management Edition (SME),Unified Contact Center Enterprise,Unified Intelligence Center,Unified Intelligent Contact Management Enterprise,Unified Sip Proxy;Media Experience Engines (MXE),Show and Share,TelePresence Exchange System (CTX),Videoscape Conductor;Business Video Services Automation Software (BV),Cloud Email Security,Registered Envelope Service (CRES),Unified Services Delivery Platform (CUSDP),Communication/Collaboration Sizing Tool, Virtue Machine Placement Tool,Unified Communications Upgrade Readiness Assessment,DCAF UCS Collector,Network Change and Configuration Management,Partner Supporting Service (PSS) 1.x版本,SI component of Partner Supporting Service,Serial Number Assessment Service (SNAS),Smart Net Total Care (SNTC). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products
Advisory ID: cisco-sa-20151209-java-deserialization
Revision 1.0
For Public Release: 2015 December 9 16:00 GMT +---------------------------------------------------------------------
Summary
A vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. A wide range of potential impacts includes allowing the attacker to obtain sensitive information.
Object serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object.
Many applications accept serialized objects from the network without performing input validation checks before deserializing it.
Additional details about the vulnerability are available at the following links:
Official Vulnerability Note from CERT: http://www.kb.cert.org/vuls/id/576313
Foxglove Security: http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
Apache Commons Statement: https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread
Oracle Security Alert: https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852
Cisco will release software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.
This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization
-----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJWaE9BAAoJEIpI1I6i1Mx31a0QALya6VDmcGiyx3AlCzsKGISc 3NJP4PPjVFGjHQmB/+bXn1zXLZ63JgbOZuG9pLxhmJpPMxQI8jeXEHqzVmrA9cOj u/QRGkITxQaRS50cwFJXPDOVWWCTcHLhuk83Ofih8vhC8UPBy1FGMBl5rpVLDkG9 ue8yX5ACEQ078F78dpcnJmbv1Hxu021wI+nM3pn7C/aOrJ1wSNop8KkFZ+VHzbKY aeuMFqhal+ePx+JoIC4JMrTll/BLxjI17tKrzXas6D4zKNGSO0WxnEFjDWuPlc89 2y3DnaVc0eeAVPy3ODN6wJzuro4w69z1GrvXPkBfVe9WNKD1lMGRUPMRwnb/zjxu DT8Ms4LDaVCLDZ01ox3BpuZIDBP1q2Xk6ToObeHUNMSDM9IuMeVOz9BtxJxO8Yp/ YfVaoqkM6Vrf5oXKUvWow0r19+ODp18JUnc8qT7Cj0b9PwtlOUqpsNE+cAzPyZh7 UBYLPm2AZypOgw4ryUf66p3l+NGLvLdA+A1u0m+YfXSrsuEFCosUeppmZMvgzEME 7TDSbOlt6yj9W/U3ioYbhLWk1D2whTyDybXz4MLaPTPxfxozyePOcthU7R/PVGrU M0Do8nugnDXE0rYVRooF3+A/6ahoKUb9QR00O4xN4A94lfXqgc6t+180S4vavgxS g9ZP7zYVhaDCRufDoNVI =nsL1 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05376917
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05376917 Version: 1
HPSBMU03685 rev.1 - HPE Insight Control server provisioning (ICsp), Multiple Remote Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-01-18 Last Updated: 2017-01-18
Potential Security Impact: Remote: Arbitrary Code Execution, Arbitrary Command Execution, Denial of Service (DoS), Disclosure of Sensitive Information, Unauthorized Access to Files
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Multiple potential security vulnerabilities have been identified in HPE Insight Control server provisioning (ICsp) software. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), arbitrary code execution, arbitrary command execution, unauthorized access to files or disclosure of sensitive information.
References:
- CVE-2015-6420 - Cisco routing and switching, execution of code
- CVE-2016-0702 - OpenSSL, disclosure of information, "CacheBleed"
- CVE-2016-0705 - OpenSSL, denial of service (DoS)
- CVE-2016-0797 - OpenSSL, denial of service (DoS)
- CVE-2016-0799 - OpenSSL, denial of service (DoS)
- CVE-2016-2842 - OpenSSL, denial of service (DoS)
- CVE-2015-7547 - glibc, denial of service (DoS)
- CVE-2014-0050 - Apache Commons FileUpload, denial of service (DoS)
- CVE-2014-4877 - wget, execution of arbitrary code
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP Insight Control server provisioning all versions prior to 7.6
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2014-0050
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2014-4877
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-6420
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2015-7547
5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2016-0702
2.9 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)
CVE-2016-0705
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-0797
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-0799
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2016-2842
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has made the following software updates available to resolve the vulnerabilities for the impacted versions of HPE Insight Control server provisioning (ICsp). Please download the latest version of Insight Control server provisioning (ICsp)-7.6 from the following location:
* https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb r=IMDVD
HISTORY Version:1 (rev.1) - 18 January 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0395",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "commons collections",
"scope": "eq",
"trust": 2.2,
"vendor": "apache",
"version": "4.0"
},
{
"model": "commons collections",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "3.2.1"
},
{
"model": "capssuite",
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": "infoframe relational store",
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": "systemdirector enterprise",
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": "webotx",
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": "commons collections",
"scope": "eq",
"trust": 1.2,
"vendor": "apache",
"version": "3.2.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": "commons collections",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "4.0"
},
{
"model": "eap controller",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "2.5.3"
},
{
"model": "eap controller",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "2.4.8"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5.1"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "webex meetings server 2.5mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.99.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.0.997"
},
{
"model": "webex meetings server mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "webex meetings server 2.0mr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.6"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5.1.131"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.6)"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5(.1.131)"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.5"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtue machine placement tool",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "videoscape conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified services delivery platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications upgrade readiness assessment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart net total care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "si component of partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "serial number assessment service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime service catalog virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime provisioning for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "partner supporting service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "network admission control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nac agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "management heartbeat server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "im and presence service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital media manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "digital life rms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.8.1.1"
},
{
"model": "dcaf ucs collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data center analytics framework",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "configuration professional",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "communication sizing tool",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "collaboration sizing tool",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud email security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "business video services automation software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "broadband access center telco wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.8.1"
},
{
"model": "asa cx and cisco prime security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jenkins",
"scope": "eq",
"trust": 0.3,
"vendor": "jenkins ci",
"version": "0"
},
{
"model": "commons collections",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "3.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#581311"
},
{
"db": "BID",
"id": "78872"
},
{
"db": "BID",
"id": "77521"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420"
},
{
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:commons_collections:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:commons_collections:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "foxglovesecurity",
"sources": [
{
"db": "BID",
"id": "77521"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-421"
}
],
"trust": 0.9
},
"cve": "CVE-2015-6420",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-6420",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2015-005930",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-6420",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2015-005930",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-420",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2015-6420",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-6420"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420"
},
{
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. The TP-LINK EAP Controller is TP-LINK\u0027s software for remotely controlling wireless access point devices. EAP Controller for Linux lacks user authentication for RMI service commands, as well as utilizes an outdated vulnerable version of Apache commons-collections, which may allow an attacker to implement deserialization attacks and control the EAP Controller server. plural Cisco The serialized object interface of the product contains an arbitrary command execution vulnerability. http://cwe.mitre.org/data/definitions/502.htmlSkillfully crafted serialized by a third party Java An arbitrary command may be executed through the object. Apache Commons Collections (ACC) The library deserialization process is vulnerable. Java Application ACC When using the library directly or within the range accessible by specifying the class path ACC If a library is installed, arbitrary code may be executed. Apache Commons Collections (ACC) Library http://commons.apache.org/proper/commons-collections/ Deserialize untrusted data (CWE-502) 2015 Year 1 Held on the moon AppSec California 2015 In Gabriel Lawrence Mr. and Chris Frohoff He talked about a vulnerability that could deserialize untrusted data and showed that it could execute arbitrary code. Any use of the serialization function that is not appropriate Java Application or Java Libraries are affected by this vulnerability. Deserialize untrusted data (CWE-502) http://cwe.mitre.org/data/definitions/502.html Gabriel Lawrence Mr. and Chris Frohoff Mr. Lecture http://frohoff.github.io/appseccali-marshalling-pickles/ 2015 Year 11 A month Foxglove Security of Stephen Breen Mr. this problem Apache Commons Collections (ACC) Exist in the library, especially for deserializing untrusted data InvokerTransformer It was pointed out that arbitrary code could be executed when using classes. ACC Software that uses the library, WebSphere , Jenkins , WebLogic , OpenNMS Etc. are also affected. Foxglove Security of Stephen Breen Mr (What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.) http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ Jenkins https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 WebLogic http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html?elq_mid=31793\u0026sh=\u0026cmid=WWSU12091612MPP001C179 ACC Library version 3.2.1 , 4.0 Both are affected by this vulnerability. version 3.2.1 , 4.0 https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Apache Software Fondation Has posted an official view of the vulnerability on its blog. Here you can find advice on countermeasures and links to related information. In addition, entries related to this vulnerability (COLLECTIONS-580) Is built on a bug management system. Official view https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Entries related to this vulnerability (COLLECTIONS-580) https://issues.apache.org/jira/browse/COLLECTIONS-580 ACC other than, Groovy And Spring The same problem is being investigated for these issues. Lawrence Mr. and Frohoff In his presentation material, Java not only Python And Ruby It is stated that the same problem exists in applications and libraries written in the above. Regardless of the programming language or library used, it is important to fully consider the data serialization capabilities from the software design stage.Apache Commons Collections I\u0027m using a library Java Application or Java Library is optional Java It may be possible to execute code. Also, ACC Even if the library is not used directly, it can be accessed by specifying the class path. ACC If the library exists, any Java It may be possible to execute code. Oracle WebLogic is an application server based on Java (J2EE) architecture of Oracle Corporation of the United States. Red Hat JBOSS is an open source J2EE-based application server from Red Hat. CloudBees Jenkins CI (formerly known as Hudson Labs) is a set of Java-based continuous integration tools developed by CloudBees. OpenNMS is a set of enterprise-level, Java / XML-based distributed network and system monitoring and management platform from the American OpenNMS company. It can extend or add Java collections framework. \nA remote command execution vulnerability exists in Java\u0027s deserialization process. A remote attacker can exploit this vulnerability by constructing an automatically executed code call chain to attach malicious code to user input and execute arbitrary Java functions or bytecode. The following products and versions are affected: JBoss Enterprise Application Platform 6.4.4, 5.2.0, 4.3.0_CP10, AS (Wildly) 6 and earlier, A-MQ 6.2.0, Fuse 6.2.0, SOA Platform (SOA-P) 5.3.1, Data Grid (JDG) 6.5.0, BRMS (BRMS) 6.1.0, BPMS (BPMS) 6.1.0, Data Virtualization (JDV) 6.1.0, Fuse Service Works (FSW) version 6.0.0, Enterprise Web Server (EWS) version 2.1, version 3.0, Jenkins version 1.555, WebSphere, WebLogic, OpenNMS. Apache Commons Collections\uff08ACC\uff09\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2aApache Commons\u9879\u76ee\u7684Commons Proper\uff08\u53ef\u91cd\u590d\u5229\u7528Java\u7ec4\u4ef6\u5e93\uff09\u4e2d\u7684\u7ec4\u4ef6\uff0c\u5b83\u53ef\u4ee5\u6269\u5c55\u6216\u589e\u52a0Java\u96c6\u5408\u6846\u67b6. \n\n\u591a\u6b3eCisco\u4ea7\u54c1\u7684ACC\u5e93\u4e2d\u4f7f\u7528\u7684Java\u53cd\u5e8f\u5217\u5316\u8fc7\u7a0b\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u63d0\u4ea4\u7279\u5236\u7684\u8f93\u5165\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u4ee5\u4e0b\u4ea7\u54c1\u53ca\u7248\u672c\u53d7\u5230\u5f71\u54cd\uff1aCisco Digital Life RMS 1.8.1.1\u7248\u672c\uff0cBroadband Access Center Telco Wireless 3.8.1\u7248\u672c\uff1bSocialMiner\uff0cWebEx Meetings Server 1.x\u7248\u672c\uff0c2.x\u7248\u672c\uff1bNAC Agent for Windows\uff1bInTracer\uff0cNetwork Admission Control (NAC)\uff0cVisual Quality Experience Server\uff0cVisual Quality Experience Tools Server\uff1bASA CX and Cisco Prime Security Manager\uff0cClean Access Manager\uff0cNAC Appliance (Clean Access Server)\uff0cNAC Guest Server\uff0cNAC Server\uff0cSecure Access Control System (ACS)\uff1bAccess Registrar Appliance\uff0cCloupia Unified Infrastructure Controller\uff0cConfiguration Professional\uff0cDigital Media Manager\uff0cInsight Reporter\uff0cPrime Access Registrar Appliance\uff0cPrime Access Registrar\uff0cPrime Collaboration Provisioning\uff0cPrime Home\uff0cPrime LAN Management Solution (LMS - Solaris)\uff0cPrime Optical for SPs\uff0cPrime Performance Manager\uff0cPrime Provisioning for SPs\uff0cPrime Provisioning\uff0cPrime Service Catalog Virtual Appliance\uff0cSecurity Manager\uff0cData Center Analytics Framework (DCAF)\uff1bBroadband Access Center Telco Wireless\uff1bComputer Telephony Integration Object Server (CTIOS)\uff0cHosted Collaboration Mediation Fulfillment\uff0cIM and Presence Service (CUPS)\uff0cIP Interoperability and Collaboration System (IPICS)\uff0cManagement Heartbeat Server\uff0cMediaSense\uff0cMeetingPlace\uff0cUnified Communications Manager (UCM)\uff0cUnified Communications Manager Session Management Edition (SME)\uff0cUnified Contact Center Enterprise\uff0cUnified Intelligence Center\uff0cUnified Intelligent Contact Management Enterprise\uff0cUnified Sip Proxy\uff1bMedia Experience Engines (MXE)\uff0cShow and Share\uff0cTelePresence Exchange System (CTX)\uff0cVideoscape Conductor\uff1bBusiness Video Services Automation Software (BV)\uff0cCloud Email Security\uff0cRegistered Envelope Service (CRES)\uff0cUnified Services Delivery Platform (CUSDP)\uff0cCommunication/Collaboration Sizing Tool, Virtue Machine Placement Tool\uff0cUnified Communications Upgrade Readiness Assessment\uff0cDCAF UCS Collector\uff0cNetwork Change and Configuration Management\uff0cPartner Supporting Service (PSS) 1.x\u7248\u672c\uff0cSI component of Partner Supporting Service\uff0cSerial Number Assessment Service (SNAS)\uff0cSmart Net Total Care (SNTC). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nCisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products\n\nAdvisory ID: cisco-sa-20151209-java-deserialization\n\nRevision 1.0\n\nFor Public Release: 2015 December 9 16:00 GMT\n+---------------------------------------------------------------------\n\nSummary\n=======\n\nA vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. A wide range of potential impacts includes allowing the attacker to obtain sensitive information. \n\nObject serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object. \n\nMany applications accept serialized objects from the network without performing input validation checks before deserializing it. \n\nAdditional details about the vulnerability are available at the following links:\n\nOfficial Vulnerability Note from CERT:\nhttp://www.kb.cert.org/vuls/id/576313\n\nFoxglove Security:\nhttp://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\n\nApache Commons Statement:\nhttps://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread\n\nOracle Security Alert:\nhttps://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\n\nCisco will release software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. \n\nThis advisory is available at the following link:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJWaE9BAAoJEIpI1I6i1Mx31a0QALya6VDmcGiyx3AlCzsKGISc\n3NJP4PPjVFGjHQmB/+bXn1zXLZ63JgbOZuG9pLxhmJpPMxQI8jeXEHqzVmrA9cOj\nu/QRGkITxQaRS50cwFJXPDOVWWCTcHLhuk83Ofih8vhC8UPBy1FGMBl5rpVLDkG9\nue8yX5ACEQ078F78dpcnJmbv1Hxu021wI+nM3pn7C/aOrJ1wSNop8KkFZ+VHzbKY\naeuMFqhal+ePx+JoIC4JMrTll/BLxjI17tKrzXas6D4zKNGSO0WxnEFjDWuPlc89\n2y3DnaVc0eeAVPy3ODN6wJzuro4w69z1GrvXPkBfVe9WNKD1lMGRUPMRwnb/zjxu\nDT8Ms4LDaVCLDZ01ox3BpuZIDBP1q2Xk6ToObeHUNMSDM9IuMeVOz9BtxJxO8Yp/\nYfVaoqkM6Vrf5oXKUvWow0r19+ODp18JUnc8qT7Cj0b9PwtlOUqpsNE+cAzPyZh7\nUBYLPm2AZypOgw4ryUf66p3l+NGLvLdA+A1u0m+YfXSrsuEFCosUeppmZMvgzEME\n7TDSbOlt6yj9W/U3ioYbhLWk1D2whTyDybXz4MLaPTPxfxozyePOcthU7R/PVGrU\nM0Do8nugnDXE0rYVRooF3+A/6ahoKUb9QR00O4xN4A94lfXqgc6t+180S4vavgxS\ng9ZP7zYVhaDCRufDoNVI\n=nsL1\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05376917\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05376917\nVersion: 1\n\nHPSBMU03685 rev.1 - HPE Insight Control server provisioning (ICsp), Multiple\nRemote Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-01-18\nLast Updated: 2017-01-18\n\nPotential Security Impact: Remote: Arbitrary Code Execution, Arbitrary\nCommand Execution, Denial of Service (DoS), Disclosure of Sensitive\nInformation, Unauthorized Access to Files\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nMultiple potential security vulnerabilities have been identified in HPE\nInsight Control server provisioning (ICsp) software. The vulnerabilities\ncould be exploited remotely resulting in Denial of Service (DoS), arbitrary\ncode execution, arbitrary command execution, unauthorized access to files or\ndisclosure of sensitive information. \n\nReferences:\n\n - CVE-2015-6420 - Cisco routing and switching, execution of code\n - CVE-2016-0702 - OpenSSL, disclosure of information, \"CacheBleed\"\n - CVE-2016-0705 - OpenSSL, denial of service (DoS)\n - CVE-2016-0797 - OpenSSL, denial of service (DoS)\n - CVE-2016-0799 - OpenSSL, denial of service (DoS)\n - CVE-2016-2842 - OpenSSL, denial of service (DoS)\n - CVE-2015-7547 - glibc, denial of service (DoS)\n - CVE-2014-0050 - Apache Commons FileUpload, denial of service (DoS) \n - CVE-2014-4877 - wget, execution of arbitrary code\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HP Insight Control server provisioning all versions prior to 7.6\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2014-0050\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2014-4877\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-6420\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2015-7547\n 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\n 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n CVE-2016-0702\n 2.9 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\n 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2016-0705\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-0797\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-0799\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2016-2842\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following software updates available to resolve the\nvulnerabilities for the impacted versions of HPE Insight Control server\nprovisioning (ICsp). Please download the latest version of Insight Control\nserver provisioning (ICsp)-7.6 from the following location: \n\n *\n\u003chttps://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb\nr=IMDVD\u003e\n\nHISTORY\nVersion:1 (rev.1) - 18 January 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6420"
},
{
"db": "CERT/CC",
"id": "VU#581311"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-241"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420"
},
{
"db": "BID",
"id": "77521"
},
{
"db": "VULMON",
"id": "CVE-2015-6420"
},
{
"db": "PACKETSTORM",
"id": "134752"
},
{
"db": "PACKETSTORM",
"id": "140605"
}
],
"trust": 5.22
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6420",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#576313",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#581311",
"trust": 2.7
},
{
"db": "BID",
"id": "78872",
"trust": 1.9
},
{
"db": "JVN",
"id": "JVNVU94276522",
"trust": 1.6
},
{
"db": "TENABLE",
"id": "TRA-2017-14",
"trust": 1.6
},
{
"db": "TENABLE",
"id": "TRA-2017-23",
"trust": 1.6
},
{
"db": "BID",
"id": "77521",
"trust": 0.9
},
{
"db": "JVN",
"id": "JVNVU96340370",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006448",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-421",
"trust": 0.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2015/11/11/3",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201511-241",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3165",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2015-6420",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140605",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#581311"
},
{
"db": "VULMON",
"id": "CVE-2015-6420"
},
{
"db": "BID",
"id": "78872"
},
{
"db": "BID",
"id": "77521"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"db": "PACKETSTORM",
"id": "134752"
},
{
"db": "PACKETSTORM",
"id": "140605"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-241"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420"
},
{
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"id": "VAR-201512-0395",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4424944225
},
"last_update_date": "2024-04-19T19:46:59.905000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20151209-java-deserialization",
"trust": 1.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151209-java-deserialization"
},
{
"title": "NV16-002",
"trust": 1.6,
"url": "http://jpn.nec.com/security-info/secinfo/nv16-002.html"
},
{
"title": "Apache Commons statement to widespread Java object de-serialisation vulnerability",
"trust": 1.6,
"url": "https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://commons.apache.org/proper/commons-collections/"
},
{
"title": "COLLECTIONS-580: Arbitrary remote code execution with InvokerTransformer",
"trust": 0.8,
"url": "https://issues.apache.org/jira/browse/collections-580"
},
{
"title": "HS16-010",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs16-010/index.html"
},
{
"title": "1970575",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970575"
},
{
"title": "Jenkins Security Advisory 2015-11-11",
"trust": 0.8,
"url": "https://wiki.jenkins-ci.org/display/security/jenkins+security+advisory+2015-11-11"
},
{
"title": "Secure Coding Guidelines for Java SE",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/java/seccodeguide-139067.html#8"
},
{
"title": "Oracle Security Alert for CVE-2015-4852",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
},
{
"title": "HS16-010",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs16-010/index.html"
},
{
"title": "\u65e5\u7acb\u30c7\u30a3\u30b9\u30af\u30a2\u30ec\u30a4\u30b7\u30b9\u30c6\u30e0\u306b\u304a\u3051\u308bSVP \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30db\u30fc\u30eb",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/products/it/storage-solutions/techsupport/sec_info/sec_acc20160328.html"
},
{
"title": "Multiple Cisco product Apache Commons Collections Fixes for library arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90854"
},
{
"title": "Debian CVElist Bug Report Logs: logback: CVE-2017-5929: serialization vulnerability affecting the SocketServer and ServerSocketReceiver components",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a2fcdf172bb6bcdc6b94a705615d0184"
},
{
"title": "Cisco: Vulnerability in Java Deserialization Affecting Cisco Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151209-java-deserialization"
},
{
"title": "IBM: Security Bulletin: Multiple vulnerabilities in IBM WebSphere eXtreme Scale Liberty Deployment.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=79b8774da31f52ed0fc7f5e9561104e9"
},
{
"title": "IBM: Security Bulletin: Multiple vulnerability issues affect IBM Spectrum Symphony 7.3.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c47c09015d1429df4a71453000607351"
},
{
"title": "IBM: IBM Security Bulletin: IBM Security Privileged Identity Manager is affected by multiple security vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=8580d3cd770371e2ef0f68ca624b80b0"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
},
{
"title": "fake-vulnerabilities-java-maven",
"trust": 0.1,
"url": "https://github.com/xthk/fake-vulnerabilities-java-maven "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/andy-r2c/mavenjavatest "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/learngove/examplejavamaven "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/cheatahh/jvm-reverseshell "
},
{
"title": "apkRepair",
"trust": 0.1,
"url": "https://github.com/qiqiapink/apkrepair "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-6420"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-Other",
"trust": 1.6
},
{
"problemtype": "CWE-502",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://www.kb.cert.org/vuls/id/576313"
},
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151209-java-deserialization"
},
{
"trust": 2.1,
"url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
},
{
"trust": 1.9,
"url": "https://www.kb.cert.org/vuls/id/581311"
},
{
"trust": 1.6,
"url": "http://jvn.jp/vu/jvnvu94276522/index.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/78872"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05376917"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"trust": 1.6,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
},
{
"trust": 1.6,
"url": "https://www.tenable.com/security/research/tra-2017-14"
},
{
"trust": 1.6,
"url": "https://www.tenable.com/security/research/tra-2017-23"
},
{
"trust": 1.4,
"url": "http://frohoff.github.io/appseccali-marshalling-pickles/"
},
{
"trust": 1.0,
"url": "https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3ccommits.samza.apache.org%3e"
},
{
"trust": 0.9,
"url": "https://issues.apache.org/jira/browse/collections-580"
},
{
"trust": 0.8,
"url": "https://www.tp-link.com/en/download/eap220.html#controller_software"
},
{
"trust": 0.8,
"url": "https://docs.oracle.com/javase/8/docs/technotes/guides/rmi/rmi_security_recommendations.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/306.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/502.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6420"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96340370/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6420"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/77521"
},
{
"trust": 0.6,
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html?elq_mid=31793\u0026sh=\u0026cmid=wwsu12091612mpp001c179"
},
{
"trust": 0.6,
"url": "https://wiki.jenkins-ci.org/display/security/jenkins+security+advisory+2015-11-11"
},
{
"trust": 0.6,
"url": "http://www.openwall.com/lists/oss-security/2015/11/11/3"
},
{
"trust": 0.6,
"url": "http://www.infoq.com/news/2015/11/commons-exploit"
},
{
"trust": 0.6,
"url": "https://tersesystems.com/2015/11/08/closing-the-open-door-of-java-object-serialization/"
},
{
"trust": 0.6,
"url": "http://mail-archives.apache.org/mod_mbox/commons-dev/201511.mbox/%3c20151106222553.00002c57.ecki@zusammenkunft.net%3e"
},
{
"trust": 0.6,
"url": "http://www.slideshare.net/frohoff1/appseccali-2015-marshalling-pickles"
},
{
"trust": 0.6,
"url": "https://www.youtube.com/watch?v=vviy3o-euvq"
},
{
"trust": 0.6,
"url": "https://commons.apache.org/proper/commons-collections/"
},
{
"trust": 0.6,
"url": "https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageid=27492407"
},
{
"trust": 0.6,
"url": "http://www.oracle.com/technetwork/java/seccodeguide-139067.html#8"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21@%3ccommits.samza.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10967469"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-extreme-scale-liberty-deployment/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-identified-in-ibm-storediq/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-planning-analytics-workspace-is-affected-by-security-vulnerabilities-2/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerability-issues-affect-ibm-spectrum-symphony-7-3-1/"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10958165"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3165/"
},
{
"trust": 0.4,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05376917"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2015/q4/237"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2015/q4/241"
},
{
"trust": 0.1,
"url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0797"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-4877"
},
{
"trust": 0.1,
"url": "https://www.hpe.com/info/report-security-vulnerability"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547"
},
{
"trust": 0.1,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0702"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hpe.com/portal/swdepot/displayproductinfo.do?productnumb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0050"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#581311"
},
{
"db": "BID",
"id": "78872"
},
{
"db": "BID",
"id": "77521"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"db": "PACKETSTORM",
"id": "134752"
},
{
"db": "PACKETSTORM",
"id": "140605"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-241"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420"
},
{
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#581311"
},
{
"db": "VULMON",
"id": "CVE-2015-6420"
},
{
"db": "BID",
"id": "78872"
},
{
"db": "BID",
"id": "77521"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"db": "PACKETSTORM",
"id": "134752"
},
{
"db": "PACKETSTORM",
"id": "140605"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-241"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420"
},
{
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-26T00:00:00",
"db": "CERT/CC",
"id": "VU#581311"
},
{
"date": "2015-12-15T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6420"
},
{
"date": "2015-12-09T00:00:00",
"db": "BID",
"id": "78872"
},
{
"date": "2015-11-08T00:00:00",
"db": "BID",
"id": "77521"
},
{
"date": "2015-12-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"date": "2015-11-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"date": "2015-12-10T17:22:52",
"db": "PACKETSTORM",
"id": "134752"
},
{
"date": "2017-01-19T13:56:50",
"db": "PACKETSTORM",
"id": "140605"
},
{
"date": "2015-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-421"
},
{
"date": "2015-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-241"
},
{
"date": "2015-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-420"
},
{
"date": "2015-12-15T05:59:07.823000",
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-08T00:00:00",
"db": "CERT/CC",
"id": "VU#581311"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6420"
},
{
"date": "2018-09-27T06:00:00",
"db": "BID",
"id": "78872"
},
{
"date": "2015-12-08T22:09:00",
"db": "BID",
"id": "77521"
},
{
"date": "2018-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006448"
},
{
"date": "2018-02-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005930"
},
{
"date": "2015-12-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-421"
},
{
"date": "2015-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-241"
},
{
"date": "2021-05-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-420"
},
{
"date": "2023-11-07T02:26:50.673000",
"db": "NVD",
"id": "CVE-2015-6420"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "134752"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-421"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-241"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-420"
}
],
"trust": 1.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#581311"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "78872"
},
{
"db": "BID",
"id": "77521"
}
],
"trust": 0.6
}
}
VAR-201609-0349
Vulnerability from variot - Updated: 2023-12-25 21:44The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call. OpenSSL is prone to denial-of-service vulnerability. An attacker may exploit this issue to cause a denial-of-service condition. OpenSSL version 1.1.0 is vulnerable.
Gentoo Linux Security Advisory GLSA 201612-16
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack.
Background
OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.2j >= 1.0.2j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j"
References
[ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201612-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. OpenSSL Security Advisory [22 Sep 2016] ========================================
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Severity: High
A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_peek() hang on empty record (CVE-2016-6305)
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner: "p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS message).
The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.
For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions (linux edition )"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "st ard v8.2 to v9.4"
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.1.0a"
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v8.5"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.8"
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7.1"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.1"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1.1"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.9"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.3"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tealeaf customer experience on cloud network capture add-on",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "16.1.01"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"model": "project openssl 1.1.0a",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.2"
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.1"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "tealeaf customer experience",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
}
],
"sources": [
{
"db": "BID",
"id": "93149"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"db": "NVD",
"id": "CVE-2016-6305"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6305"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
],
"trust": 0.6
},
"cve": "CVE-2016-6305",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6305",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-6305",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6305",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-594",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-6305",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6305"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"db": "NVD",
"id": "CVE-2016-6305"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call. OpenSSL is prone to denial-of-service vulnerability. \nAn attacker may exploit this issue to cause a denial-of-service condition. \nOpenSSL version 1.1.0 is vulnerable. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201612-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 07, 2016\n Bugs: #581234, #585142, #585276, #591454, #592068, #592074,\n #592082, #594500, #595186\n ID: 201612-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\nallows attackers to conduct a time based side-channel attack. \n\nBackground\n==========\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general\npurpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.2j \u003e= 1.0.2j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers and the International Association for Cryptologic\nResearch\u0027s (IACR) paper, \"Make Sure DSA Signing Exponentiations Really\nare Constant-Time\" for further details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.2j\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2105\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105\n[ 2 ] CVE-2016-2106\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106\n[ 3 ] CVE-2016-2107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107\n[ 4 ] CVE-2016-2108\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108\n[ 5 ] CVE-2016-2109\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109\n[ 6 ] CVE-2016-2176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176\n[ 7 ] CVE-2016-2177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177\n[ 8 ] CVE-2016-2178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178\n[ 9 ] CVE-2016-2180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180\n[ 10 ] CVE-2016-2183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183\n[ 11 ] CVE-2016-6304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304\n[ 12 ] CVE-2016-6305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305\n[ 13 ] CVE-2016-6306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306\n[ 14 ] CVE-2016-7052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052\n[ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time\n http://eprint.iacr.org/2016/594.pdf\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201612-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6305"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"db": "BID",
"id": "93149"
},
{
"db": "VULMON",
"id": "CVE-2016-6305"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "169633"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6305",
"trust": 3.0
},
{
"db": "BID",
"id": "93149",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1036879",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004991",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201609-594",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6305",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140056",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169633",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6305"
},
{
"db": "BID",
"id": "93149"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-6305"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
]
},
"id": "VAR-201609-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3797576935714285
},
"last_update_date": "2023-12-25T21:44:27.109000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "OpenSSL 1.1.0 hangs (CPU pegged) when SSL_peek is used with TLSv1 #1563",
"trust": 0.8,
"url": "https://github.com/openssl/openssl/issues/1563"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.1.0 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.1.0-notes.html"
},
{
"title": "Fix a hang with SSL_peek()",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=63658103d4441924f8dbfc517b99bb54758a98b9"
},
{
"title": "SSL_peek() hang on empty record (CVE-2016-6305)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=64372"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/09/23/openssl_swats_a_dozen_bugs_one_notable_nasty/"
},
{
"title": "Red Hat: CVE-2016-6305",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-6305"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "hackerone-publicy-disclosed",
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed "
},
{
"title": "OpenSSL-CVE-lib",
"trust": 0.1,
"url": "https://github.com/chnzzh/openssl-cve-lib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6305"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"db": "NVD",
"id": "CVE-2016-6305"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 1.8,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/93149"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201612-16"
},
{
"trust": 1.7,
"url": "https://github.com/openssl/openssl/issues/1563"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1036879"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=63658103d4441924f8dbfc517b99bb54758a98b9"
},
{
"trust": 0.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6305"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6305"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.6,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=63658103d4441924f8dbfc517b99bb54758a98b9"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21994534"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994861"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2c1000242"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://github.com/imhunterand/hackerone-publicy-disclosed"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7052"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2105"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2016/594.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.1,
"url": "https://sweet32.info)"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6305"
},
{
"db": "BID",
"id": "93149"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-6305"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-6305"
},
{
"db": "BID",
"id": "93149"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"db": "PACKETSTORM",
"id": "140056"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-6305"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6305"
},
{
"date": "2016-09-22T00:00:00",
"db": "BID",
"id": "93149"
},
{
"date": "2016-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"date": "2016-12-07T16:37:31",
"db": "PACKETSTORM",
"id": "140056"
},
{
"date": "2016-09-22T12:12:12",
"db": "PACKETSTORM",
"id": "169633"
},
{
"date": "2016-09-26T19:59:01.597000",
"db": "NVD",
"id": "CVE-2016-6305"
},
{
"date": "2016-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6305"
},
{
"date": "2017-05-02T01:06:00",
"db": "BID",
"id": "93149"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004991"
},
{
"date": "2023-11-07T02:33:57.163000",
"db": "NVD",
"id": "CVE-2016-6305"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of record/rec_layer_s3.c of ssl3_read_bytes Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004991"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-594"
}
],
"trust": 0.6
}
}
VAR-201609-0352
Vulnerability from variot - Updated: 2023-12-25 20:38statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session. Supplementary information : CWE Vulnerability type by CWE-416: Use After Free ( Use of freed memory ) Has been identified. OpenSSL is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0352",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 2.4,
"vendor": "openssl",
"version": "1.1.0a"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3361"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3394"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.1.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.4.0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.8"
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "project openssl 1.1.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3387"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7.1"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.20"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5"
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.1"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1.1"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.5.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.9"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3381"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.12"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "spectrum control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.11"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "security network controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3376"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.4.1"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "flex system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3.0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.6"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.7"
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
}
],
"sources": [
{
"db": "BID",
"id": "93177"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"db": "NVD",
"id": "CVE-2016-6309"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6309"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
],
"trust": 0.6
},
"cve": "CVE-2016-6309",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-6309",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-6309",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6309",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-598",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2016-6309",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6309"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"db": "NVD",
"id": "CVE-2016-6309"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session. Supplementary information : CWE Vulnerability type by CWE-416: Use After Free ( Use of freed memory ) Has been identified. OpenSSL is prone to a remote code execution vulnerability. \nAn attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6309"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"db": "BID",
"id": "93177"
},
{
"db": "VULMON",
"id": "CVE-2016-6309"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6309",
"trust": 2.8
},
{
"db": "BID",
"id": "93177",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.1
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036885",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU99474230",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004995",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201609-598",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-6309",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6309"
},
{
"db": "BID",
"id": "93177"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"db": "NVD",
"id": "CVE-2016-6309"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
]
},
"id": "VAR-201609-0352",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3797576935714285
},
"last_update_date": "2023-12-25T20:38:46.477000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "OpenSSL 1.1.0 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.1.0-notes.html"
},
{
"title": "Fix Use After Free for large message sizes",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=acacbfa7565c78d2273c0b2a2e5e803f44afefeb"
},
{
"title": "Fix Use After Free for large message sizes (CVE-2016-6309)",
"trust": 0.8,
"url": "https://www.openssl.org/news/secadv/20160926.txt"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64376"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/09/26/openssl_patches_last_weeks_patch/"
},
{
"title": "Red Hat: CVE-2016-6309",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-6309"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-6309"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "SEEKER_dataset",
"trust": 0.1,
"url": "https://github.com/sf4bin/seeker_dataset "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/khadas/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/crdroid-r/external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/yaap/external_honggfuzz "
},
{
"title": "articles",
"trust": 0.1,
"url": "https://github.com/xinali/articles "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/dennissimos/platform_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/r3p3r/nixawk-honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/aosp-caf-upstream/platform_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/tinkerboard-android/rockchip-android-external-honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/jingpad-bsp/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/tinkeredger-android/external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/random-aosp-stuff/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/bananadroid/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/wave-project/external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/imbaya2466/honggfuzz_read "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/thexperienceproject/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/forklineageos/external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/statixos/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/aosp10-public/external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/crdroidandroid/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/tinkerboard2-android/external-honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/corvus-r/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/caf-extended/external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/protonaosp/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/protonaosp-platina/android_external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/havocr/external_honggfuzz "
},
{
"title": "honggfuzz",
"trust": 0.1,
"url": "https://github.com/tomoms/android_external_honggfuzz "
},
{
"title": "Honggfuzz",
"trust": 0.1,
"url": "https://github.com/ep-infosec/50_google_honggfuzz "
},
{
"title": "Honggfuzz",
"trust": 0.1,
"url": "https://github.com/lllnx/lllnx "
},
{
"title": "Honggfuzz",
"trust": 0.1,
"url": "https://github.com/google/honggfuzz "
},
{
"title": "OpenSSL-CVE-lib",
"trust": 0.1,
"url": "https://github.com/chnzzh/openssl-cve-lib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6309"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"db": "NVD",
"id": "CVE-2016-6309"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "https://www.openssl.org/news/secadv/20160926.txt"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/93177"
},
{
"trust": 1.1,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036885"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=acacbfa7565c78d2273c0b2a2e5e803f44afefeb"
},
{
"trust": 0.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6309"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99474230/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6309"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995129"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996181"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49041"
},
{
"trust": 0.1,
"url": "https://github.com/xinali/articles"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6309"
},
{
"db": "BID",
"id": "93177"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"db": "NVD",
"id": "CVE-2016-6309"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-6309"
},
{
"db": "BID",
"id": "93177"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"db": "NVD",
"id": "CVE-2016-6309"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6309"
},
{
"date": "2016-09-26T00:00:00",
"db": "BID",
"id": "93177"
},
{
"date": "2016-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"date": "2016-09-26T19:59:06.393000",
"db": "NVD",
"id": "CVE-2016-6309"
},
{
"date": "2016-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6309"
},
{
"date": "2017-05-02T00:06:00",
"db": "BID",
"id": "93177"
},
{
"date": "2016-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004995"
},
{
"date": "2023-11-07T02:33:57.517000",
"db": "NVD",
"id": "CVE-2016-6309"
},
{
"date": "2019-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of statem/statem.c Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004995"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-598"
}
],
"trust": 0.6
}
}
VAR-201609-0031
Vulnerability from variot - Updated: 2023-12-25 20:37The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. OpenSSL is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to cause a denial-of-service condition. Versions prior to OpenSSL 1.1.0 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openssl security update Advisory ID: RHSA-2016:1940-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html Issue date: 2016-09-27 CVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 =====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-2178)
-
It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181)
-
An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. (CVE-2016-2182)
-
A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default.
-
An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. (CVE-2016-6302)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)
-
An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
- Bugs fixed (https://bugzilla.redhat.com/):
1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase 1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation 1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio() 1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec() 1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection 1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) 1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer 1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks 1377594 - CVE-2016-6306 openssl: certificate message OOB reads 1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-1.0.1e-48.el6_8.3.ppc.rpm openssl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc.rpm openssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-1.0.1e-48.el6_8.3.s390.rpm openssl-1.0.1e-48.el6_8.3.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-devel-1.0.1e-48.el6_8.3.s390.rpm openssl-devel-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
ppc64: openssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm openssl-static-1.0.1e-48.el6_8.3.ppc64.rpm
s390x: openssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm openssl-perl-1.0.1e-48.el6_8.3.s390x.rpm openssl-static-1.0.1e-48.el6_8.3.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: openssl-1.0.1e-48.el6_8.3.src.rpm
i386: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-1.0.1e-48.el6_8.3.i686.rpm openssl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.3.i686.rpm openssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: openssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm openssl-perl-1.0.1e-48.el6_8.3.i686.rpm openssl-static-1.0.1e-48.el6_8.3.i686.rpm
x86_64: openssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm openssl-static-1.0.1e-48.el6_8.3.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
ppc64: openssl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-1.0.1e-51.el7_2.7.s390x.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-devel-1.0.1e-51.el7_2.7.s390.rpm openssl-devel-1.0.1e-51.el7_2.7.s390x.rpm openssl-libs-1.0.1e-51.el7_2.7.s390.rpm openssl-libs-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm openssl-static-1.0.1e-51.el7_2.7.ppc.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm openssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm
s390x: openssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm openssl-perl-1.0.1e-51.el7_2.7.s390x.rpm openssl-static-1.0.1e-51.el7_2.7.s390.rpm openssl-static-1.0.1e-51.el7_2.7.s390x.rpm
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.1e-51.el7_2.7.src.rpm
x86_64: openssl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-devel-1.0.1e-51.el7_2.7.i686.rpm openssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm openssl-libs-1.0.1e-51.el7_2.7.i686.rpm openssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: openssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm openssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm openssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm openssl-static-1.0.1e-51.el7_2.7.i686.rpm openssl-static-1.0.1e-51.el7_2.7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2177 https://access.redhat.com/security/cve/CVE-2016-2178 https://access.redhat.com/security/cve/CVE-2016-2179 https://access.redhat.com/security/cve/CVE-2016-2180 https://access.redhat.com/security/cve/CVE-2016-2181 https://access.redhat.com/security/cve/CVE-2016-2182 https://access.redhat.com/security/cve/CVE-2016-6302 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-6306 https://access.redhat.com/security/updates/classification/#important https://www.openssl.org/news/secadv/20160922.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI xpTW7ApBLmKhVjs49DGYouI= =4VgY -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/
CVE-2016-2178
Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing
leak in the DSA code.
CVE-2016-2179 / CVE-2016-2181
Quan Luo and the OCAP audit team discovered denial of service
vulnerabilities in DTLS.
For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.
For the unstable distribution (sid), these problems will be fixed soon. ========================================================================== Ubuntu Security Notice USN-3087-2 September 23, 2016
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem.
We apologize for the inconvenience. This issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178) Quan Luo discovered that OpenSSL did not properly restrict the lifetime of queue entries in the DTLS implementation. (CVE-2016-2181) Shi Lei discovered that OpenSSL incorrectly validated division results. (CVE-2016-2182) Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. (CVE-2016-2183) Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303) Shi Lei discovered that OpenSSL incorrectly performed certain message length checks. (CVE-2016-6306)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.5
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.21
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.38
After a standard system update you need to reboot your computer to make all the necessary changes. OpenSSL Security Advisory [22 Sep 2016] ========================================
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Severity: High
A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.
Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.
OpenSSL 1.1.0 users should upgrade to 1.1.0a OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_peek() hang on empty record (CVE-2016-6305)
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an empty record. This could be exploited by a malicious peer in a Denial Of Service attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The fix was developed by Matt Caswell of the OpenSSL development team.
SWEET32 Mitigation (CVE-2016-2183)
Severity: Low
SWEET32 (https://sweet32.info) is an attack on older block cipher algorithms that use a block size of 64 bits. In mitigation for the SWEET32 attack DES based ciphersuites have been moved from the HIGH cipherstring group to MEDIUM in OpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these ciphersuites disabled by default.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 16th August 2016 by Karthikeyan Bhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the OpenSSL development team.
OOB write in MDC2_Update() (CVE-2016-6303)
Severity: Low
An overflow can occur in MDC2_Update() either if called directly or through the EVP_DigestUpdate() function using MDC2. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption.
The amount of data needed is comparable to SIZE_MAX which is impractical on most platforms.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Malformed SHA512 ticket DoS (CVE-2016-6302)
Severity: Low
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.
The use of SHA512 in TLS session tickets is comparatively rare as it requires a custom server callback and ticket lookup mechanism.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB write in BN_bn2dec() (CVE-2016-2182)
Severity: Low
The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Severity: Low
The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Pointer arithmetic undefined behaviour (CVE-2016-2177)
Severity: Low
Avoid some undefined pointer arithmetic
A common idiom in the codebase is to check limits in the following manner: "p + len > limit"
Where "p" points to some malloc'd data of SIZE bytes and limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS message).
The rules of C pointer arithmetic are such that "p + len" is only well defined where len <= SIZE. Therefore the above idiom is actually undefined behaviour.
For example this could cause problems if some malloc implementation provides an address for "p" such that "p + len" actually overflows for values of len that are too big and therefore p + len < limit.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team.
Constant time flag not preserved in DSA signing (CVE-2016-2178)
Severity: Low
Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 23rd May 2016 by César Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). The fix was developed by César Pereida.
DTLS buffered message DoS (CVE-2016-2179)
Severity: Low
In a DTLS connection where handshake messages are delivered out-of-order those messages that OpenSSL is not yet ready to process will be buffered for later use. Under certain circumstances, a flaw in the logic means that those messages do not get removed from the buffer even though the handshake has been completed. An attacker could force up to approx. 15 messages to remain in the buffer when they are no longer required. These messages will be cleared when the DTLS connection is closed. The default maximum size for a message is 100k. Therefore the attacker could force an additional 1500k to be consumed per connection. By opening many simulataneous connections an attacker could cause a DoS attack through memory exhaustion.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was developed by Matt Caswell of the OpenSSL development team.
DTLS replay protection DoS (CVE-2016-2181)
Severity: Low
A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped causing a denial of service for a specific DTLS connection.
OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
Certificate message OOB reads (CVE-2016-6306)
Severity: Low
In OpenSSL 1.0.2 and earlier some missing message length checks can result in OOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical DoS risk but this has not been observed in practice on common platforms.
The messages affected are client certificate, client certificate request and server certificate. As a result the attack can only be performed against a client or a server which enables client authentication.
OpenSSL 1.1.0 is not affected.
OpenSSL 1.0.2 users should upgrade to 1.0.2i OpenSSL 1.0.1 users should upgrade to 1.0.1u
This issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL development team.
Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307)
Severity: Low
A TLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect DTLS users.
OpenSSL 1.1.0 TLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)
Severity: Low
This issue is very similar to CVE-2016-6307. The underlying defect is different but the security analysis and impacts are the same except that it impacts DTLS.
A DTLS message includes 3 bytes for its length in the header for the message. This would allow for messages up to 16Mb in length. Messages of this length are excessive and OpenSSL includes a check to ensure that a peer is sending reasonably sized messages in order to avoid too much memory being consumed to service a connection. A flaw in the logic of version 1.1.0 means that memory for the message is allocated too early, prior to the excessive message length check. Due to way memory is allocated in OpenSSL this could mean an attacker could force up to 21Mb to be allocated to service a connection. This could lead to a Denial of Service through memory exhaustion. However, the excessive message length check still takes place, and this would cause the connection to immediately fail. Assuming that the application calls SSL_free() on the failed conneciton in a timely manner then the 21Mb of allocated memory will then be immediately freed again. Therefore the excessive memory allocation will be transitory in nature. This then means that there is only a security impact if:
1) The application does not call SSL_free() in a timely manner in the event that the connection fails or 2) The application is working in a constrained environment where there is very little free memory or 3) The attacker initiates multiple connection attempts such that there are multiple connections in a state where memory has been allocated for the connection; SSL_free() has not yet been called; and there is insufficient memory to service the multiple requests.
Except in the instance of (1) above any Denial Of Service is likely to be transitory because as soon as the connection fails the memory is subsequently freed again in the SSL_free() call. However there is an increased risk during this period of application crashes due to the lack of memory - which would then mean a more serious Denial of Service.
This issue does not affect TLS users.
OpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team, Qihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL development team.
Note
As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade.
Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv/20160922.txt
Note: the online version of the advisory may be updated with additional details over time.
For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0031",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "1.0.1f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1q"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2f"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1s"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1t"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1r"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1p"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1n"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "capssuite",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v3.0 to v4.0"
},
{
"model": "enterpriseidentitymanager",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "esmpro/serveragentservice",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "(linux edition )"
},
{
"model": "express5800",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "sg3600 all series"
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver3.2"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "express v8.2 to v9.4"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "foundation v8.2 to v8.5"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard v8.2 to v9.4"
},
{
"model": "webotx enterprise service bus",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v8.5"
},
{
"model": "webotx portal",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2 to v9.1"
},
{
"model": "stealthwatch udp director",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud web security",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.6,
"vendor": "openssl",
"version": null
},
{
"model": "webex centers t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "sterling connect:express for unix ifix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13150-13"
},
{
"model": "clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center enterprise live data server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "nexus series blade switches 4.1 e1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "project openssl 1.0.2i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69010"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance media server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.13"
},
{
"model": "stealthwatch management console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment 5.1.fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8u",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router 1.2.1rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "910"
},
{
"model": "nexus intercloud for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.14"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3400"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches standalone nx-os mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3.1"
},
{
"model": "nexus series switches standalone nx-os mode 7.0 i5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.11"
},
{
"model": "intelligent automation for cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.26"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.4"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime license manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "visual quality experience server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.11"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.1.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60002.9"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration provisioning",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "agent for openflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.8"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "telepresence sx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10.0.1"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8200"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.9"
},
{
"model": "unified communications manager im \u0026 presence service (formerly c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "webex meetings for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.5"
},
{
"model": "lancope stealthwatch flowcollector sflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "9"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "10.1"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "10.2"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.1"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "10"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.3"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x4.0.7"
},
{
"model": "common services platform collector",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.11"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "partner support service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "media services interface",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus intercloud",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime collaboration assurance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "jabber for iphone and ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "email gateway 7.6.2h968406",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mx series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "webex meetings client on-premises",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6(1)"
},
{
"model": "services provisioning platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs b-series blade servers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "nac appliance clean access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asa next-generation firewall services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3.0.0"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.405"
},
{
"model": "unified attendant console premium edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.2.4.0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5"
},
{
"model": "services provisioning platform sfp1.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "small business spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "mediasense",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.5"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "jabber for android",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "12"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.9"
},
{
"model": "series digital media players 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3.8"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "stealthwatch identity",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.2"
},
{
"model": "application policy infrastructure controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2(1)"
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.1"
},
{
"model": "unified workforce optimization quality management solution 11.5 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "show and share",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system ex series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "universal small cell iuh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "11.1"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "ucs director",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "infinity",
"scope": "ne",
"trust": 0.3,
"vendor": "pexip",
"version": "13"
},
{
"model": "jabber client framework components",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings client on-premises t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "dcm series d9900 digital content manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70006.2.19"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "unified attendant console business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.4"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.54"
},
{
"model": "powerkvm",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "mds series multilayer switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "prime network services controller 1.01u",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.9.15.9.8"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.0.10"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus series switches 5.2 sv3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "telepresence system tx1310",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications domain manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3103204.4"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.08"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "project openssl 1.0.2h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise content delivery system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "anyconnect secure mobility client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.1"
},
{
"model": "telepresence system ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime collaboration deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dx series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.5(3)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.18"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series blade switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-376.1"
},
{
"model": "jabber for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "telepresence profile series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.1.0.0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.28"
},
{
"model": "edge digital media player 1.6rb5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "300"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.12"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69450"
},
{
"model": "telepresence isdn gateway mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "wireless lan controller",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.3"
},
{
"model": "unified contact center enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.404"
},
{
"model": "telepresence system tx1310",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "spa112 2-port phone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.151.05"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.33"
},
{
"model": "telepresence mx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip interoperability and collaboration system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.5.12.23"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "connected grid routers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uc integration for microsoft lync",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.401"
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.8"
},
{
"model": "unity express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.21"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli provisioning manager for images",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.0"
},
{
"model": "tandberg codian isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1165239",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "jabber guest",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.9"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "digital media manager 5.3.6 rb3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "ata series analog terminal adaptors",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1901.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog terminal adaptors",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "asr series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500021.2"
},
{
"model": "project openssl 1.0.1t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-37"
},
{
"model": "ons series multiservice provisioning platforms",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1545410.7"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.12"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "broadband access center telco and wireless",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.19"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.3"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.25"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "webex meetings server multimedia platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "unified ip conference phone 10.3.1sr4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.7"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.3.5"
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "series stackable managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "prime access registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.2"
},
{
"model": "ucs manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "prime optical",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "network analysis module",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2(2)"
},
{
"model": "series stackable",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console department edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "78000"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "27000"
},
{
"model": "onepk all-in-one virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "industrial router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9100"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.1"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "11"
},
{
"model": "video distribution suite for internet streaming",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "13006.1"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.116"
},
{
"model": "cloupia unified infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11006.1"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.0"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.2"
},
{
"model": "telepresence sx series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl 1.0.1u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nac appliance clean access server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.1"
},
{
"model": "webex meetings for windows phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime optical for service providers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart care",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.11"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "edge digital media player 1.2rb1.0.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "340"
},
{
"model": "network performance analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2.19"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.55"
},
{
"model": "unified ip conference phone for third-party call control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings for windows phone",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "82.8"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.7"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.7"
},
{
"model": "telepresence integrator c series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "agent desktop",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment intirim fix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.133"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "webex meetings client hosted",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "content security management appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.140"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.8"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6000"
},
{
"model": "intrusion prevention system solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.4"
},
{
"model": "jabber client framework components",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime ip express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified sip proxy software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "telepresence system tx9000",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "mysql workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1.4"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "netflow generation appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.403"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "unified sip proxy software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1.4.7895"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "mobility services engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20280.6"
},
{
"model": "telepresence server and mse",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "701087104.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.10"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "ucs series and series fabric interconnects",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "620063000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2.2"
},
{
"model": "webex meeting center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "lotus protector for mail security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.8.3.0"
},
{
"model": "netflow generation appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.1(1)"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.13"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.6"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.2"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "socialminer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.1.3-6513"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.28"
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40002.9"
},
{
"model": "intracer",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.29"
},
{
"model": "tivoli provisioning manager for os deployment build",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1051.07"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "spa51x ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oss support tools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.8.15.7.15"
},
{
"model": "transportation management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "prime infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "9.1"
},
{
"model": "video surveillance 4300e and 4500e high-definition ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.9"
},
{
"model": "powerkvm update",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1.0.23"
},
{
"model": "computer telephony integration object server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "7"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media and",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3103200"
},
{
"model": "small business series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.24"
},
{
"model": "content security appliance update servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "videoscape anyres live",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.2"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.6"
},
{
"model": "security guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.4"
},
{
"model": "firesight system software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4.1.9"
},
{
"model": "universal small cell iuh",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.2"
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.4"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "500-326.1"
},
{
"model": "unity express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "vm virtualbox",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1.8"
},
{
"model": "small business series managed switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3.1"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "telepresence system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "10006.1"
},
{
"model": "telepresence isdn gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "telepresence mcu",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "edge digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3000"
},
{
"model": "series smart plus switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2200"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4.0.4"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "virtual security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4.1102"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.5"
},
{
"model": "telepresence tx9000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fp",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2.0.4"
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0x"
},
{
"model": "series digital media players",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "telepresence system series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30006.1"
},
{
"model": "universal small cell series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.2.0"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.4"
},
{
"model": "one portal",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.13"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "ucs b-series blade servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "unified attendant console standard",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "security network protection",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.5"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.32"
},
{
"model": "enterprise content delivery system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.9"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.1"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "7"
},
{
"model": "mds series multilayer switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4300"
},
{
"model": "ucs standalone c-series rack server integrated management cont",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "-3.0"
},
{
"model": "ios and cisco ios xe software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "4"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence tx9000 series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "prime performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart net total care local collector appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "connected grid routers",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "15.8.9"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "commerce experience manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.5.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "prime performance manager sp1611",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.7"
},
{
"model": "worklight consumer edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.12"
},
{
"model": "lancope stealthwatch flowcollector netflow",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.22"
},
{
"model": "unified ip phone 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6901"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.16"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.10"
},
{
"model": "telepresence server and mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "701087100"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "12.2"
},
{
"model": "mds series multilayer switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.2.19"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270015.5(3)"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-32"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.30"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql enterprise monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.3.0.1098"
},
{
"model": "webex meetings for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches 5.2.8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "digital media manager 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified workforce optimization quality management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "-0"
},
{
"model": "telepresence integrator c series tc7.3.7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "spa122 analog telephone adapter with router",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "cloud object storage",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.5"
},
{
"model": "rrdi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "project openssl 1.0.0h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.14"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.4"
},
{
"model": "project openssl",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "1.1"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.4"
},
{
"model": "application and content networking system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "oss support tools",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "8.15.17.3.14"
},
{
"model": "anyconnect secure mobility client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "x0"
},
{
"model": "business intelligence enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.2.1.2.0"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.4.1.2"
},
{
"model": "tivoli provisioning manager for images build",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.20290.1"
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.2"
},
{
"model": "prime infrastructure plug and play standalone gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual security gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1.6"
},
{
"model": "nexus series switches",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.2.19"
},
{
"model": "telepresence conductor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.3"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "8.1"
},
{
"model": "jabber for iphone and ipad",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.8"
},
{
"model": "prime network registrar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "12.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "worklight enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "telepresence video communication server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "connected analytics for collaboration",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "series digital media players 5.4.1 rb4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4400"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0"
},
{
"model": "multicast manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "270016.3"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "5"
},
{
"model": "secure access control system",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.8.0.32.8"
},
{
"model": "webex node for mcs",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence mcu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5(1.89)"
},
{
"model": "management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "anyconnect secure mobility client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video distribution suite for internet streaming",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.003(002)"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.31"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server on multiparty media",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8204.4"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.13"
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.400"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "expressway series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "x8.8.3"
},
{
"model": "commerce guided search",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.3"
},
{
"model": "prime network",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "431"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "unified attendant console enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "small business spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0.26"
},
{
"model": "tivoli provisioning manager for os deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "network analysis module 6.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "telepresence system ex series ce8.2.2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mxe series media experience engines",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "35000"
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "universal small cell cloudbase factory recovery root filesystem",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.17.3"
},
{
"model": "videoscape control suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "ip series phones vpn feature",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800-0"
},
{
"model": "mobilefirst platform foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.9"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.3"
},
{
"model": "emergency responder",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.27"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "enterprise manager base platform",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "13.2.0.0"
},
{
"model": "unified meetingplace 8.6mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "email gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.406-3402.103"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance series ip cameras",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70002.9"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "spa525g 5-line ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access control system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.22"
},
{
"model": "unified ip conference phone for third-party call control 9.3 sr3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8831"
},
{
"model": "unified ip series phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "spa232d multi-line dect analog telephone adapter",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1.4.2"
},
{
"model": "nexus series fabric switches aci mode",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9000-0"
},
{
"model": "visual quality experience tools server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtualization experience media edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.3.2"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "email gateway 7.6.405h1157986",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "registered envelope service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "universal small cell series",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.5.12.23"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smartcloud entry appliance fi",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.0.4"
},
{
"model": "webex meetings client hosted t32",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.7.15"
},
{
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security virtual server protection for vmware",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "unified contact center express",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "infinity",
"scope": "eq",
"trust": 0.3,
"vendor": "pexip",
"version": "6"
},
{
"model": "tivoli provisioning manager for images system edition",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x7.1.1.0"
},
{
"model": "webex meetings server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.1.30"
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "email gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.6.402"
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "92987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"db": "NVD",
"id": "CVE-2016-2179"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2179"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2179",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-2179",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-2179",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2179",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-103",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2179",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2179"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"db": "NVD",
"id": "CVE-2016-2179"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. OpenSSL is prone to multiple denial-of-service vulnerabilities. \nAn attacker can exploit these issues to cause a denial-of-service condition. \nVersions prior to OpenSSL 1.1.0 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openssl security update\nAdvisory ID: RHSA-2016:1940-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-1940.html\nIssue date: 2016-09-27\nCVE Names: CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 \n CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 \n CVE-2016-6302 CVE-2016-6304 CVE-2016-6306 \n=====================================================================\n\n1. Summary:\n\nAn update for openssl is now available for Red Hat Enterprise Linux 6 and\nRed Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. \n(CVE-2016-2178)\n\n* It was discovered that the Datagram TLS (DTLS) implementation could fail\nto release memory in certain cases. A malicious DTLS client could cause a\nDTLS server using OpenSSL to consume an excessive amount of memory and,\npossibly, exit unexpectedly after exhausting all available memory. A remote attacker could possibly use this flaw\nto make a DTLS server using OpenSSL to reject further packets sent from a\nDTLS client over an established DTLS connection. (CVE-2016-2181)\n\n* An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec()\nfunction. (CVE-2016-2182)\n\n* A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL\nprotocol. A man-in-the-middle attacker could use this flaw to recover some\nplaintext data by capturing large amounts of encrypted traffic between\nTLS/SSL server and client if the communication used a DES/3DES based\nciphersuite. (CVE-2016-2183)\n\nThis update mitigates the CVE-2016-2183 issue by lowering priority of DES\ncipher suites so they are not preferred over cipher suites using AES. For\ncompatibility reasons, DES cipher suites remain enabled by default and\nincluded in the set of cipher suites identified by the HIGH cipher string. \nFuture updates may move them to MEDIUM or not enable them by default. \n\n* An integer underflow flaw leading to a buffer over-read was found in the\nway OpenSSL parsed TLS session tickets. (CVE-2016-6302)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. A remote attacker could possibly use these flaws to\ncause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177)\n\n* An out of bounds read flaw was found in the way OpenSSL formatted Public\nKey Infrastructure Time-Stamp Protocol data for printing. An attacker could\npossibly cause an application using OpenSSL to crash if it printed time\nstamp data from the attacker. A remote attacker could\npossibly use these flaws to crash a TLS/SSL server or client using OpenSSL. \n(CVE-2016-6306)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand CVE-2016-6306 and OpenVPN for reporting CVE-2016-2183. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1341705 - CVE-2016-2177 openssl: Possible integer overflow vulnerabilities in codebase\n1343400 - CVE-2016-2178 openssl: Non-constant time codepath followed for certain operations in DSA implementation\n1359615 - CVE-2016-2180 OpenSSL: OOB read in TS_OBJ_print_bio()\n1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()\n1369113 - CVE-2016-2181 openssl: DTLS replay protection bypass allows DoS against DTLS connection\n1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)\n1369504 - CVE-2016-2179 openssl: DTLS memory exhaustion DoS when messages are not removed from fragment buffer\n1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks\n1377594 - CVE-2016-6306 openssl: certificate message OOB reads\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nppc64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.ppc64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.ppc64.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.s390x.rpm\nopenssl-static-1.0.1e-48.el6_8.3.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nopenssl-1.0.1e-48.el6_8.3.src.rpm\n\ni386:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-devel-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.i686.rpm\nopenssl-static-1.0.1e-48.el6_8.3.i686.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-perl-1.0.1e-48.el6_8.3.x86_64.rpm\nopenssl-static-1.0.1e-48.el6_8.3.x86_64.rpm\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nppc64:\nopenssl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.ppc64le.rpm\nopenssl-static-1.0.1e-51.el7_2.7.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.s390x.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390.rpm\nopenssl-static-1.0.1e-51.el7_2.7.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.1e-51.el7_2.7.src.rpm\n\nx86_64:\nopenssl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-devel-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-libs-1.0.1e-51.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-debuginfo-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-perl-1.0.1e-51.el7_2.7.x86_64.rpm\nopenssl-static-1.0.1e-51.el7_2.7.i686.rpm\nopenssl-static-1.0.1e-51.el7_2.7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2177\nhttps://access.redhat.com/security/cve/CVE-2016-2178\nhttps://access.redhat.com/security/cve/CVE-2016-2179\nhttps://access.redhat.com/security/cve/CVE-2016-2180\nhttps://access.redhat.com/security/cve/CVE-2016-2181\nhttps://access.redhat.com/security/cve/CVE-2016-2182\nhttps://access.redhat.com/security/cve/CVE-2016-6302\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-6306\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://www.openssl.org/news/secadv/20160922.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFX6nnFXlSAg2UNWIIRAqklAJ9uGMit/wxZ0CfuGjR7Vi2+AjmGMwCfTpEI\nxpTW7ApBLmKhVjs49DGYouI=\n=4VgY\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Additional information can be found at\n https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ \n\nCVE-2016-2178\n\n Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing\n leak in the DSA code. \n\nCVE-2016-2179 / CVE-2016-2181\n\n Quan Luo and the OCAP audit team discovered denial of service\n vulnerabilities in DTLS. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.0.1t-1+deb8u4. \n\nFor the unstable distribution (sid), these problems will be fixed soon. ==========================================================================\nUbuntu Security Notice USN-3087-2\nSeptember 23, 2016\n\nopenssl regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nUSN-3087-1 introduced a regression in OpenSSL. The fix for CVE-2016-2182 was\nincomplete and caused a regression when parsing certificates. This update\nfixes the problem. \n\nWe apologize for the inconvenience. This\n issue has only been addressed in Ubuntu 16.04 LTS in this update. (CVE-2016-2178)\n Quan Luo discovered that OpenSSL did not properly restrict the lifetime\n of queue entries in the DTLS implementation. (CVE-2016-2181)\n Shi Lei discovered that OpenSSL incorrectly validated division results. \n (CVE-2016-2182)\n Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES\n ciphers were vulnerable to birthday attacks. \n (CVE-2016-2183)\n Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths. (CVE-2016-6303)\n Shi Lei discovered that OpenSSL incorrectly performed certain message\n length checks. (CVE-2016-6306)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.5\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.21\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.38\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \nOpenSSL Security Advisory [22 Sep 2016]\n========================================\n\nOCSP Status Request extension unbounded memory growth (CVE-2016-6304)\n=====================================================================\n\nSeverity: High\n\nA malicious client can send an excessively large OCSP Status Request extension. \nIf that client continually requests renegotiation, sending a large OCSP Status\nRequest extension each time, then there will be unbounded memory growth on the\nserver. This will eventually lead to a Denial Of Service attack through memory\nexhaustion. Servers with a default configuration are vulnerable even if they do\nnot support OCSP. Builds using the \"no-ocsp\" build time option are not affected. \n\nServers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default\nconfiguration, instead only if an application explicitly enables OCSP stapling\nsupport. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 29th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nSSL_peek() hang on empty record (CVE-2016-6305)\n===============================================\n\nSeverity: Moderate\n\nOpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an\nempty record. This could be exploited by a malicious peer in a Denial Of Service\nattack. \n\nOpenSSL 1.1.0 users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nSWEET32 Mitigation (CVE-2016-2183)\n==================================\n\nSeverity: Low\n\nSWEET32 (https://sweet32.info) is an attack on older block cipher algorithms\nthat use a block size of 64 bits. In mitigation for the SWEET32 attack DES based\nciphersuites have been moved from the HIGH cipherstring group to MEDIUM in\nOpenSSL 1.0.1 and OpenSSL 1.0.2. OpenSSL 1.1.0 since release has had these\nciphersuites disabled by default. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 16th August 2016 by Karthikeyan\nBhargavan and Gaetan Leurent (INRIA). The fix was developed by Rich Salz of the\nOpenSSL development team. \n\nOOB write in MDC2_Update() (CVE-2016-6303)\n==========================================\n\nSeverity: Low\n\nAn overflow can occur in MDC2_Update() either if called directly or\nthrough the EVP_DigestUpdate() function using MDC2. If an attacker\nis able to supply very large amounts of input data after a previous\ncall to EVP_EncryptUpdate() with a partial block then a length check\ncan overflow resulting in a heap corruption. \n\nThe amount of data needed is comparable to SIZE_MAX which is impractical\non most platforms. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 11th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nMalformed SHA512 ticket DoS (CVE-2016-6302)\n===========================================\n\nSeverity: Low\n\nIf a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a\nDoS attack where a malformed ticket will result in an OOB read which will\nultimately crash. \n\nThe use of SHA512 in TLS session tickets is comparatively rare as it requires\na custom server callback and ticket lookup mechanism. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 19th August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB write in BN_bn2dec() (CVE-2016-2182)\n========================================\n\nSeverity: Low\n\nThe function BN_bn2dec() does not check the return value of BN_div_word(). \nThis can cause an OOB write if an application uses this function with an\noverly large BIGNUM. This could be a problem if an overly large certificate\nor CRL is printed out from an untrusted source. TLS is not affected because\nrecord limits will reject an oversized certificate before it is parsed. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 2nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nOOB read in TS_OBJ_print_bio() (CVE-2016-2180)\n==============================================\n\nSeverity: Low\n\nThe function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is\nthe total length the OID text representation would use and not the amount\nof data written. This will result in OOB reads when large OIDs are presented. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st July 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nPointer arithmetic undefined behaviour (CVE-2016-2177)\n======================================================\n\nSeverity: Low\n\nAvoid some undefined pointer arithmetic\n\nA common idiom in the codebase is to check limits in the following manner:\n\"p + len \u003e limit\"\n\nWhere \"p\" points to some malloc\u0027d data of SIZE bytes and\nlimit == p + SIZE\n\n\"len\" here could be from some externally supplied data (e.g. from a TLS\nmessage). \n\nThe rules of C pointer arithmetic are such that \"p + len\" is only well\ndefined where len \u003c= SIZE. Therefore the above idiom is actually\nundefined behaviour. \n\nFor example this could cause problems if some malloc implementation\nprovides an address for \"p\" such that \"p + len\" actually overflows for\nvalues of len that are too big and therefore p + len \u003c limit. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 4th May 2016 by Guido Vranken. The\nfix was developed by Matt Caswell of the OpenSSL development team. \n\nConstant time flag not preserved in DSA signing (CVE-2016-2178)\n===============================================================\n\nSeverity: Low\n\nOperations in the DSA signing algorithm should run in constant time in order to\navoid side channel attacks. A flaw in the OpenSSL DSA implementation means that\na non-constant time codepath is followed for certain operations. This has been\ndemonstrated through a cache-timing attack to be sufficient for an attacker to\nrecover the private DSA key. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 23rd May 2016 by C\u00e9sar Pereida (Aalto\nUniversity), Billy Brumley (Tampere University of Technology), and Yuval Yarom\n(The University of Adelaide and NICTA). The fix was developed by C\u00e9sar Pereida. \n\nDTLS buffered message DoS (CVE-2016-2179)\n=========================================\n\nSeverity: Low\n\nIn a DTLS connection where handshake messages are delivered out-of-order those\nmessages that OpenSSL is not yet ready to process will be buffered for later\nuse. Under certain circumstances, a flaw in the logic means that those messages\ndo not get removed from the buffer even though the handshake has been completed. \nAn attacker could force up to approx. 15 messages to remain in the buffer when\nthey are no longer required. These messages will be cleared when the DTLS\nconnection is closed. The default maximum size for a message is 100k. Therefore\nthe attacker could force an additional 1500k to be consumed per connection. By\nopening many simulataneous connections an attacker could cause a DoS attack\nthrough memory exhaustion. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd June 2016 by Quan Luo. The fix was\ndeveloped by Matt Caswell of the OpenSSL development team. \n\nDTLS replay protection DoS (CVE-2016-2181)\n==========================================\n\nSeverity: Low\n\nA flaw in the DTLS replay attack protection mechanism means that records that\narrive for future epochs update the replay protection \"window\" before the MAC\nfor the record has been validated. This could be exploited by an attacker by\nsending a record for the next epoch (which does not have to decrypt or have a\nvalid MAC), with a very large sequence number. This means that all subsequent\nlegitimate packets are dropped causing a denial of service for a specific\nDTLS connection. \n\nOpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i\nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. \nThe fix was developed by Matt Caswell of the OpenSSL development team. \n\nCertificate message OOB reads (CVE-2016-6306)\n=============================================\n\nSeverity: Low\n\nIn OpenSSL 1.0.2 and earlier some missing message length checks can result in\nOOB reads of up to 2 bytes beyond an allocated buffer. There is a theoretical\nDoS risk but this has not been observed in practice on common platforms. \n\nThe messages affected are client certificate, client certificate request and\nserver certificate. As a result the attack can only be performed against\na client or a server which enables client authentication. \n\nOpenSSL 1.1.0 is not affected. \n\nOpenSSL 1.0.2 users should upgrade to 1.0.2i\nOpenSSL 1.0.1 users should upgrade to 1.0.1u\n\nThis issue was reported to OpenSSL on 22nd August 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Stephen Henson of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in tls_get_message_header() (CVE-2016-6307)\n==========================================================================\n\nSeverity: Low\n\nA TLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect DTLS users. \n\nOpenSSL 1.1.0 TLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nExcessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308)\n=============================================================================\n\nSeverity: Low\n\nThis issue is very similar to CVE-2016-6307. The underlying defect is different\nbut the security analysis and impacts are the same except that it impacts DTLS. \n\nA DTLS message includes 3 bytes for its length in the header for the message. \nThis would allow for messages up to 16Mb in length. Messages of this length are\nexcessive and OpenSSL includes a check to ensure that a peer is sending\nreasonably sized messages in order to avoid too much memory being consumed to\nservice a connection. A flaw in the logic of version 1.1.0 means that memory for\nthe message is allocated too early, prior to the excessive message length\ncheck. Due to way memory is allocated in OpenSSL this could mean an attacker\ncould force up to 21Mb to be allocated to service a connection. This could lead\nto a Denial of Service through memory exhaustion. However, the excessive message\nlength check still takes place, and this would cause the connection to\nimmediately fail. Assuming that the application calls SSL_free() on the failed\nconneciton in a timely manner then the 21Mb of allocated memory will then be\nimmediately freed again. Therefore the excessive memory allocation will be\ntransitory in nature. This then means that there is only a security impact if:\n\n1) The application does not call SSL_free() in a timely manner in the\nevent that the connection fails\nor\n2) The application is working in a constrained environment where there\nis very little free memory\nor\n3) The attacker initiates multiple connection attempts such that there\nare multiple connections in a state where memory has been allocated for\nthe connection; SSL_free() has not yet been called; and there is\ninsufficient memory to service the multiple requests. \n\nExcept in the instance of (1) above any Denial Of Service is likely to\nbe transitory because as soon as the connection fails the memory is\nsubsequently freed again in the SSL_free() call. However there is an\nincreased risk during this period of application crashes due to the lack\nof memory - which would then mean a more serious Denial of Service. \n\nThis issue does not affect TLS users. \n\nOpenSSL 1.1.0 DTLS users should upgrade to 1.1.0a\n\nThis issue was reported to OpenSSL on 18th September 2016 by Shi Lei (Gear Team,\nQihoo 360 Inc.). The fix was developed by Matt Caswell of the OpenSSL\ndevelopment team. \n\nNote\n====\n\nAs per our previous announcements and our Release Strategy\n(https://www.openssl.org/policies/releasestrat.html), support for OpenSSL\nversion 1.0.1 will cease on 31st December 2016. No security updates for that\nversion will be provided after that date. Users of 1.0.1 are advised to\nupgrade. \n\nSupport for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those\nversions are no longer receiving security updates. \n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv/20160922.txt\n\nNote: the online version of the advisory may be updated with additional details\nover time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/policies/secpolicy.html\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2179"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"db": "BID",
"id": "92987"
},
{
"db": "VULMON",
"id": "CVE-2016-2179"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "169633"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2179",
"trust": 3.3
},
{
"db": "BID",
"id": "92987",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1036689",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-412672",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-21",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-20",
"trust": 1.7
},
{
"db": "TENABLE",
"id": "TNS-2016-16",
"trust": 1.7
},
{
"db": "JUNIPER",
"id": "JSA10759",
"trust": 1.7
},
{
"db": "PULSESECURE",
"id": "SA40312",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU98667810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004778",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201609-103",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-21",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2179",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138870",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138820",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138826",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169633",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2179"
},
{
"db": "BID",
"id": "92987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2179"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
]
},
"id": "VAR-201609-0031",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.41024942
},
"last_update_date": "2023-12-25T20:37:50.294000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160927-openssl",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"title": "1995039",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"title": "NV17-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-001.html"
},
{
"title": "OpenSSL 1.0.2 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.2-notes.html"
},
{
"title": "OpenSSL 1.0.1 Series Release Notes",
"trust": 0.8,
"url": "https://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"title": "Fix DTLS buffered message DoS attack",
"trust": 0.8,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d"
},
{
"title": "Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"title": "Oracle Linux Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"title": "Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"title": "SA40312",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"title": "SA132",
"trust": 0.8,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"title": "JSA10759",
"trust": 0.8,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"title": "Splunk Enterprise 6.4.5 addresses multiple vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"title": "Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities",
"trust": 0.8,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"title": "TNS-2016-16",
"trust": 0.8,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"title": "OpenSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=63926"
},
{
"title": "Red Hat: Important: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20161940 - security advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2016-2179"
},
{
"title": "Red Hat: CVE-2016-2179",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2179"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3087-2"
},
{
"title": "Amazon Linux AMI: ALAS-2016-755",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-755"
},
{
"title": "Arch Linux Advisories: [ASA-201609-23] openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-23"
},
{
"title": "Arch Linux Advisories: [ASA-201609-24] lib32-openssl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201609-24"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=69e9536e77203a3c76b24dd89f4f9300"
},
{
"title": "Tenable Security Advisories: [R7] Nessus 6.9 Fixes Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-16"
},
{
"title": "Symantec Security Advisories: SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e6dcaf5dac6ef96a7d917a8c1393040"
},
{
"title": "Cisco: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160927-openssl"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=05aabe19d38058b7814ef5514aab4c0c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=ac5af5dd99788925425f5747ec672707"
},
{
"title": "Tenable Security Advisories: [R3] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-20"
},
{
"title": "Tenable Security Advisories: [R2] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2016-21"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=586e6062440cdd312211d748e028164e"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
},
{
"title": "Forcepoint Security Advisories: CVE-2016-2180 to -2183, -6302 to -6309, -2179, -7052 OpenSSL Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=a9dd8a175d084c7432b7ad47715ac50c"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a31bff03e9909229fd67996884614fdf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=21c0efa2643d707e2f50a501209eb75c"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=13f3551b67d913fba90df4b2c0dae0bf"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=143b3fb255063c81571469eaa3cf0a87"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "CVE Scanning of Alpine base images using Multi Stage builds in Docker 17.05\nSummary",
"trust": 0.1,
"url": "https://github.com/tomwillfixit/alpine-cvecheck "
},
{
"title": "OpenSSL-CVE-lib",
"trust": 0.1,
"url": "https://github.com/chnzzh/openssl-cve-lib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2179"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"db": "NVD",
"id": "CVE-2016-2179"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1940.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/92987"
},
{
"trust": 1.7,
"url": "http://www.splunk.com/view/sp-caaapue"
},
{
"trust": 1.7,
"url": "http://www.splunk.com/view/sp-caaapsv"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40312"
},
{
"trust": 1.7,
"url": "https://bto.bluecoat.com/security-advisory/sa132"
},
{
"trust": 1.7,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10759"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-16"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1036689"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:26.openssl.asc"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03856en_us"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d"
},
{
"trust": 0.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160927-openssl"
},
{
"trust": 0.9,
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2179"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98667810/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2179"
},
{
"trust": 0.8,
"url": "http://www.bizmobile.co.jp/news_02.php?id=4069\u0026nc=1"
},
{
"trust": 0.6,
"url": "https://www.openssl.org/news/vulnerabilities.html#y2017"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2182"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6302"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2179"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2181"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6306"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2180"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6303"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2183"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory21.asc"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-openssl-affect-ibm-worklight-and-ibm-mobilefirst-platform-foundation-2/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024394"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1024401"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1024648"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1021643"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/resources/sites/mcafee/content/live/product_documentation/27000/pd27128/en_us/meg_7_6_406_3402_103_release_notes_en_us.pdf"
},
{
"trust": 0.3,
"url": "https://www.pexip.com/sites/pexip/files/pexip_security_bulletin_2016-10-07.pdf"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991724"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992348"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21992898"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993061"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993856"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21993875"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995392"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995393"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995691"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995886"
},
{
"trust": 0.2,
"url": "https://www.openssl.org/news/secadv/20160922.txt"
},
{
"trust": 0.2,
"url": "http://www.ubuntu.com/usn/usn-3087-1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=48598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3087-1/"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2180"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6306"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2181"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2179"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2182"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-6302"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.37"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.21"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.38"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1626883"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-3087-2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6308"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/secpolicy.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6305"
},
{
"trust": 0.1,
"url": "https://sweet32.info)"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/policies/releasestrat.html),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6307"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2179"
},
{
"db": "BID",
"id": "92987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2179"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2179"
},
{
"db": "BID",
"id": "92987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "138817"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "PACKETSTORM",
"id": "169633"
},
{
"db": "NVD",
"id": "CVE-2016-2179"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2179"
},
{
"date": "2016-06-30T00:00:00",
"db": "BID",
"id": "92987"
},
{
"date": "2016-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"date": "2016-09-27T19:32:00",
"db": "PACKETSTORM",
"id": "138870"
},
{
"date": "2016-09-22T22:22:00",
"db": "PACKETSTORM",
"id": "138817"
},
{
"date": "2016-09-22T22:25:00",
"db": "PACKETSTORM",
"id": "138820"
},
{
"date": "2016-09-23T19:19:00",
"db": "PACKETSTORM",
"id": "138826"
},
{
"date": "2016-09-22T12:12:12",
"db": "PACKETSTORM",
"id": "169633"
},
{
"date": "2016-09-16T05:59:00.143000",
"db": "NVD",
"id": "CVE-2016-2179"
},
{
"date": "2016-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2179"
},
{
"date": "2018-01-18T12:00:00",
"db": "BID",
"id": "92987"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004778"
},
{
"date": "2023-11-07T02:31:01.590000",
"db": "NVD",
"id": "CVE-2016-2179"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "138870"
},
{
"db": "PACKETSTORM",
"id": "138820"
},
{
"db": "PACKETSTORM",
"id": "138826"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of DTLS Service disruption in implementations (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004778"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-103"
}
],
"trust": 0.6
}
}